CVE-2018-0732
- EPSS 49.27%
- Veröffentlicht 12.06.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:49
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime result...
CVE-2018-0737
- EPSS 12.05%
- Veröffentlicht 16.04.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:50
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixe...
CVE-2018-0733
- EPSS 8.61%
- Veröffentlicht 27.03.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:49
Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of t...
CVE-2018-0739
- EPSS 19.3%
- Veröffentlicht 27.03.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:50
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used w...
CVE-2017-3737
- EPSS 78.68%
- Veröffentlicht 07.12.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue ...
CVE-2017-3738
- EPSS 13.41%
- Veröffentlicht 07.12.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult...
CVE-2016-8610
- EPSS 39.66%
- Veröffentlicht 13.11.2017 22:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL ser...
CVE-2017-3736
- EPSS 10.13%
- Veröffentlicht 02.11.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very ...
CVE-2017-3735
- EPSS 17.7%
- Veröffentlicht 28.08.2017 19:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of Op...
CVE-2016-7055
- EPSS 14.23%
- Veröffentlicht 04.05.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA...