OpenSSL

OpenSSL

300 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.42%
  • Veröffentlicht 09.06.2026 16:03:25
  • Zuletzt bearbeitet 15.06.2026 18:14:04

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. ...

  • EPSS 0.25%
  • Veröffentlicht 09.06.2026 16:03:24
  • Zuletzt bearbeitet 15.06.2026 18:12:24

Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation al...

Medienbericht
  • EPSS 0.51%
  • Veröffentlicht 09.06.2026 16:03:23
  • Zuletzt bearbeitet 15.06.2026 18:12:39

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnor...

  • EPSS 0.2%
  • Veröffentlicht 09.06.2026 16:03:22
  • Zuletzt bearbeitet 15.06.2026 18:13:13

Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An a...

  • EPSS 0.24%
  • Veröffentlicht 09.06.2026 16:03:22
  • Zuletzt bearbeitet 15.06.2026 18:13:05

Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers maki...

  • EPSS 0.51%
  • Veröffentlicht 09.06.2026 16:03:17
  • Zuletzt bearbeitet 15.06.2026 18:13:21

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may...

  • EPSS 0.3%
  • Veröffentlicht 09.06.2026 16:03:16
  • Zuletzt bearbeitet 16.06.2026 02:45:58

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer o...

  • EPSS 0.36%
  • Veröffentlicht 09.06.2026 16:03:15
  • Zuletzt bearbeitet 16.06.2026 02:46:08

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled co...

  • EPSS 0.81%
  • Veröffentlicht 07.04.2026 22:16:21
  • Zuletzt bearbeitet 12.05.2026 13:17:33

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or crypt...

  • EPSS 0.81%
  • Veröffentlicht 07.04.2026 22:16:21
  • Zuletzt bearbeitet 12.05.2026 13:17:33

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or c...