OpenSSL

OpenSSL

300 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 12.81%
  • Veröffentlicht 06.12.2015 20:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (...

  • EPSS 38.71%
  • Veröffentlicht 06.12.2015 20:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob...

  • EPSS 44.02%
  • Veröffentlicht 06.12.2015 20:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function p...

  • EPSS 25.14%
  • Veröffentlicht 06.12.2015 20:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for r...

  • EPSS 6.16%
  • Veröffentlicht 06.12.2015 20:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.

  • EPSS 61.8%
  • Veröffentlicht 09.07.2015 19:17:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers t...

  • EPSS 4.3%
  • Veröffentlicht 07.07.2015 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause ...

  • EPSS 22.48%
  • Veröffentlicht 12.06.2015 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL valu...

  • EPSS 15.97%
  • Veröffentlicht 12.06.2015 19:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial...

  • EPSS 22.9%
  • Veröffentlicht 12.06.2015 19:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)...