CVE-2021-3449
- EPSS 62.91%
- Veröffentlicht 25.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:33
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...
CVE-2021-3450
- EPSS 18.34%
- Veröffentlicht 25.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:33
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly ...
CVE-2021-21348
- EPSS 13.83%
- Veröffentlicht 23.03.2021 00:15:13
- Zuletzt bearbeitet 23.05.2025 17:42:08
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is aff...
CVE-2021-21351
- EPSS 82.14%
- Veröffentlicht 23.03.2021 00:15:13
- Zuletzt bearbeitet 23.05.2025 17:34:20
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed inpu...
CVE-2021-21344
- EPSS 75.98%
- Veröffentlicht 23.03.2021 00:15:12
- Zuletzt bearbeitet 23.05.2025 17:40:53
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processe...
CVE-2021-23840
- EPSS 50.73%
- Veröffentlicht 16.02.2021 17:15:13
- Zuletzt bearbeitet 16.04.2026 15:16:45
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value ...
CVE-2021-23841
- EPSS 7.47%
- Veröffentlicht 16.02.2021 17:15:13
- Zuletzt bearbeitet 21.11.2024 05:51:55
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while...
CVE-2020-1971
- EPSS 6.97%
- Veröffentlicht 08.12.2020 16:15:11
- Zuletzt bearbeitet 29.05.2026 16:16:20
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...
CVE-2020-28196
- EPSS 4.37%
- Veröffentlicht 06.11.2020 08:15:13
- Zuletzt bearbeitet 03.12.2025 19:15:52
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
CVE-2019-10219
- EPSS 2.17%
- Veröffentlicht 08.11.2019 15:15:11
- Zuletzt bearbeitet 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.