Search for packages
| purl | pkg:conan/openssl@1.1.1n |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2rtj-nbth-aaam
Aliases: CVE-2023-3817 |
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-5khv-27u8-aaaa
Aliases: CVE-2022-2097 GHSA-3wx7-46ch-7rq2 VC-OPENSSL-20220705-CVE-2022-2097 |
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). |
Affected by 8 other vulnerabilities. Affected by 16 other vulnerabilities. |
|
VCID-9wtx-9sbn-aaam
Aliases: CVE-2023-0286 GHSA-x4qr-2fvf-3mr5 |
Vulnerable OpenSSL included in cryptography wheels |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-ec3y-aejm-aaad
Aliases: CVE-2022-4450 GHSA-v5w6-wcm8-jm4q |
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-kn8m-m9v4-aaaa
Aliases: CVE-2023-0466 |
Improper Certificate Validation The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-mu8w-emsy-aaak
Aliases: CVE-2023-0465 |
Improper Certificate Validation Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-tkv7-cnhy-aaas
Aliases: CVE-2023-0464 |
Improper Certificate Validation A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-ur7f-5ey8-aaak
Aliases: CVE-2022-4304 GHSA-p52g-cm5j-mjv4 |
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-uua4-ygek-aaah
Aliases: CVE-2023-0215 GHSA-r7jw-wp68-3xch |
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-w17h-u8wd-aaaj
Aliases: CVE-2022-2068 VC-OPENSSL-20220621-CVE-2022-2068 |
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). |
Affected by 9 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-yrx6-rcrr-aaap
Aliases: CVE-2022-1292 VC-OPENSSL-20220503-CVE-2022-1292 |
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). |
Affected by 10 other vulnerabilities. Affected by 18 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:47:55.035484+00:00 | GitLab Importer | Fixing | VCID-6pjh-cgdt-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/openssl/CVE-2022-0778.yml | 34.0.1 |
| 2024-09-17T22:47:54.370551+00:00 | GitLab Importer | Affected by | VCID-2rtj-nbth-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/openssl/CVE-2023-3817.yml | 34.0.1 |
| 2024-02-06T15:53:28.732497+00:00 | GitLab Importer | Affected by | VCID-2rtj-nbth-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/openssl/CVE-2023-3817.yml | 34.0.0rc2 |
| 2024-01-03T18:08:59.309314+00:00 | GitLab Importer | Fixing | VCID-6pjh-cgdt-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/openssl/CVE-2022-0778.yml | 34.0.0rc1 |
| 2024-01-03T18:08:58.362434+00:00 | GitLab Importer | Affected by | VCID-2rtj-nbth-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/openssl/CVE-2023-3817.yml | 34.0.0rc1 |