Search for packages
| purl | pkg:alpm/archlinux/lib32-openssl@1:1.0.2.i-1 |
| Next non-vulnerable version | 1:1.0.2.k-1 |
| Latest non-vulnerable version | 1:3.1.4-1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7e6q-x9ge-aaas
Aliases: CVE-2016-7052 VC-OPENSSL-20160926-CVE-2016-7052 |
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-581z-anfk-aaaq | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. |
CVE-2016-6302
VC-OPENSSL-20160823-CVE-2016-6302 |
| VCID-9fjn-9378-aaae | The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. |
CVE-2016-2179
VC-OPENSSL-20160822-CVE-2016-2179 |
| VCID-a12s-yyr4-aaad | The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c. |
CVE-2016-2181
VC-OPENSSL-20160819-CVE-2016-2181 |
| VCID-agz8-77e4-aaaq | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. |
CVE-2016-2182
VC-OPENSSL-20160816-CVE-2016-2182 |
| VCID-bms1-jrax-aaap | Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. |
CVE-2016-6304
VC-OPENSSL-20160922-CVE-2016-6304 |
| VCID-eg7n-8h8z-aaaa | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. |
CVE-2016-6306
VC-OPENSSL-20160921-CVE-2016-6306 |
| VCID-kryh-pfgh-aaag | OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. |
CVE-2016-2177
VC-OPENSSL-20160601-CVE-2016-2177 |
| VCID-qbz3-r843-aaaf | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. |
CVE-2016-2183
VC-OPENSSL-20160824-CVE-2016-2183 |
| VCID-sgbg-ntsk-aaac | Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. |
CVE-2016-6303
VC-OPENSSL-20160824-CVE-2016-6303 |
| VCID-ue1t-xset-aaah | The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command. |
CVE-2016-2180
VC-OPENSSL-20160722-CVE-2016-2180 |
| VCID-z6bg-hyhu-aaas | The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. |
CVE-2016-2178
VC-OPENSSL-20160607-CVE-2016-2178 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:01.361279+00:00 | Arch Linux Importer | Affected by | VCID-7e6q-x9ge-aaas | https://security.archlinux.org/AVG-34 | 36.0.0 |
| 2025-03-28T07:46:19.834190+00:00 | Arch Linux Importer | Fixing | VCID-kryh-pfgh-aaag | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.813661+00:00 | Arch Linux Importer | Fixing | VCID-z6bg-hyhu-aaas | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.792898+00:00 | Arch Linux Importer | Fixing | VCID-9fjn-9378-aaae | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.772136+00:00 | Arch Linux Importer | Fixing | VCID-ue1t-xset-aaah | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.751287+00:00 | Arch Linux Importer | Fixing | VCID-a12s-yyr4-aaad | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.730821+00:00 | Arch Linux Importer | Fixing | VCID-agz8-77e4-aaaq | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.709941+00:00 | Arch Linux Importer | Fixing | VCID-qbz3-r843-aaaf | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.689421+00:00 | Arch Linux Importer | Fixing | VCID-581z-anfk-aaaq | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.668722+00:00 | Arch Linux Importer | Fixing | VCID-sgbg-ntsk-aaac | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.648229+00:00 | Arch Linux Importer | Fixing | VCID-bms1-jrax-aaap | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2025-03-28T07:46:19.627518+00:00 | Arch Linux Importer | Fixing | VCID-eg7n-8h8z-aaaa | https://security.archlinux.org/AVG-30 | 36.0.0 |
| 2024-10-23T22:18:47.589540+00:00 | Arch Linux Importer | Affected by | VCID-7e6q-x9ge-aaas | https://security.archlinux.org/AVG-34 | 34.0.2 |
| 2024-10-23T22:18:46.895851+00:00 | Arch Linux Importer | Fixing | VCID-kryh-pfgh-aaag | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.872986+00:00 | Arch Linux Importer | Fixing | VCID-z6bg-hyhu-aaas | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.850393+00:00 | Arch Linux Importer | Fixing | VCID-9fjn-9378-aaae | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.827827+00:00 | Arch Linux Importer | Fixing | VCID-ue1t-xset-aaah | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.804146+00:00 | Arch Linux Importer | Fixing | VCID-a12s-yyr4-aaad | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.780477+00:00 | Arch Linux Importer | Fixing | VCID-agz8-77e4-aaaq | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.757551+00:00 | Arch Linux Importer | Fixing | VCID-qbz3-r843-aaaf | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.734434+00:00 | Arch Linux Importer | Fixing | VCID-581z-anfk-aaaq | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.711622+00:00 | Arch Linux Importer | Fixing | VCID-sgbg-ntsk-aaac | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.688314+00:00 | Arch Linux Importer | Fixing | VCID-bms1-jrax-aaap | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-10-23T22:18:46.659495+00:00 | Arch Linux Importer | Fixing | VCID-eg7n-8h8z-aaaa | https://security.archlinux.org/AVG-30 | 34.0.2 |
| 2024-09-18T02:02:23.673237+00:00 | Arch Linux Importer | Affected by | VCID-7e6q-x9ge-aaas | https://security.archlinux.org/AVG-34 | 34.0.1 |
| 2024-09-18T02:01:33.396171+00:00 | Arch Linux Importer | Fixing | VCID-kryh-pfgh-aaag | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.369752+00:00 | Arch Linux Importer | Fixing | VCID-z6bg-hyhu-aaas | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.343314+00:00 | Arch Linux Importer | Fixing | VCID-9fjn-9378-aaae | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.318778+00:00 | Arch Linux Importer | Fixing | VCID-ue1t-xset-aaah | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.283881+00:00 | Arch Linux Importer | Fixing | VCID-a12s-yyr4-aaad | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.250134+00:00 | Arch Linux Importer | Fixing | VCID-agz8-77e4-aaaq | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.217946+00:00 | Arch Linux Importer | Fixing | VCID-qbz3-r843-aaaf | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.136753+00:00 | Arch Linux Importer | Fixing | VCID-581z-anfk-aaaq | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:33.064042+00:00 | Arch Linux Importer | Fixing | VCID-sgbg-ntsk-aaac | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:32.974222+00:00 | Arch Linux Importer | Fixing | VCID-bms1-jrax-aaap | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-09-18T02:01:32.875525+00:00 | Arch Linux Importer | Fixing | VCID-eg7n-8h8z-aaaa | https://security.archlinux.org/AVG-30 | 34.0.1 |
| 2024-04-28T07:57:46.668796+00:00 | Arch Linux Importer | Affected by | VCID-7e6q-x9ge-aaas | https://security.archlinux.org/AVG-34 | 34.0.0rc4 |
| 2024-04-28T07:57:46.386969+00:00 | Arch Linux Importer | Fixing | VCID-kryh-pfgh-aaag | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.366331+00:00 | Arch Linux Importer | Fixing | VCID-z6bg-hyhu-aaas | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.342981+00:00 | Arch Linux Importer | Fixing | VCID-9fjn-9378-aaae | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.318165+00:00 | Arch Linux Importer | Fixing | VCID-ue1t-xset-aaah | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.293634+00:00 | Arch Linux Importer | Fixing | VCID-a12s-yyr4-aaad | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.272084+00:00 | Arch Linux Importer | Fixing | VCID-agz8-77e4-aaaq | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.250096+00:00 | Arch Linux Importer | Fixing | VCID-qbz3-r843-aaaf | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.225022+00:00 | Arch Linux Importer | Fixing | VCID-581z-anfk-aaaq | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.203266+00:00 | Arch Linux Importer | Fixing | VCID-sgbg-ntsk-aaac | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.179504+00:00 | Arch Linux Importer | Fixing | VCID-bms1-jrax-aaap | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-04-28T07:57:46.157962+00:00 | Arch Linux Importer | Fixing | VCID-eg7n-8h8z-aaaa | https://security.archlinux.org/AVG-30 | 34.0.0rc4 |
| 2024-01-03T22:28:25.059602+00:00 | Arch Linux Importer | Affected by | VCID-7e6q-x9ge-aaas | https://security.archlinux.org/AVG-34 | 34.0.0rc1 |
| 2024-01-03T22:27:41.163242+00:00 | Arch Linux Importer | Fixing | VCID-kryh-pfgh-aaag | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.141602+00:00 | Arch Linux Importer | Fixing | VCID-z6bg-hyhu-aaas | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.120089+00:00 | Arch Linux Importer | Fixing | VCID-9fjn-9378-aaae | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.098812+00:00 | Arch Linux Importer | Fixing | VCID-ue1t-xset-aaah | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.077443+00:00 | Arch Linux Importer | Fixing | VCID-a12s-yyr4-aaad | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.055087+00:00 | Arch Linux Importer | Fixing | VCID-agz8-77e4-aaaq | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.031572+00:00 | Arch Linux Importer | Fixing | VCID-qbz3-r843-aaaf | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:41.003677+00:00 | Arch Linux Importer | Fixing | VCID-581z-anfk-aaaq | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:40.974757+00:00 | Arch Linux Importer | Fixing | VCID-sgbg-ntsk-aaac | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:40.948560+00:00 | Arch Linux Importer | Fixing | VCID-bms1-jrax-aaap | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |
| 2024-01-03T22:27:40.922311+00:00 | Arch Linux Importer | Fixing | VCID-eg7n-8h8z-aaaa | https://security.archlinux.org/AVG-30 | 34.0.0rc1 |