VulnerableCode Package Details - pkg:gem/openssl@2.0.9

Search for packages

Vulnerability	Summary	Fixed by
VCID-c3y8-w4b4-3qea Aliases: CVE-2018-16395 GHSA-mmrq-6999-72v8	Improper Certificate Validation When two `OpenSSL::X509::Name` objects are compared using `==`, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of `==` will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.	2.1.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-c3y8-w4b4-3qea
Aliases:
CVE-2018-16395
GHSA-mmrq-6999-72v8

Improper Certificate Validation When two `OpenSSL::X509::Name` objects are compared using `==`, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of `==` will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

2.1.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-c3y8-w4b4-3qea	Improper Certificate Validation When two `OpenSSL::X509::Name` objects are compared using `==`, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of `==` will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.	CVE-2018-16395 GHSA-mmrq-6999-72v8

Vulnerability

Summary

Aliases

VCID-c3y8-w4b4-3qea

CVE-2018-16395
GHSA-mmrq-6999-72v8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:50:16.058530+00:00	GitLab Importer	Affected by	VCID-c3y8-w4b4-3qea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/openssl/CVE-2018-16395.yml	38.4.0
2026-04-11T22:00:54.506115+00:00	GitLab Importer	Affected by	VCID-c3y8-w4b4-3qea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/openssl/CVE-2018-16395.yml	38.3.0
2026-04-04T14:30:04.345557+00:00	GHSA Importer	Fixing	VCID-c3y8-w4b4-3qea	https://github.com/advisories/GHSA-mmrq-6999-72v8	38.1.0
2026-04-02T22:13:56.896729+00:00	GitLab Importer	Affected by	VCID-c3y8-w4b4-3qea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/openssl/CVE-2018-16395.yml	38.1.0
2026-04-01T16:31:26.647874+00:00	GitLab Importer	Affected by	VCID-c3y8-w4b4-3qea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/openssl/CVE-2018-16395.yml	38.0.0
2026-04-01T13:08:24.760109+00:00	GithubOSV Importer	Fixing	VCID-c3y8-w4b4-3qea	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mmrq-6999-72v8/GHSA-mmrq-6999-72v8.json	38.0.0