Package details: pkg:openssl/openssl@1.0.0p
purl pkg:openssl/openssl@1.0.0p
Next non-vulnerable version 1.0.0t
Latest non-vulnerable version 3.0.7
Risk 10.0
Vulnerabilities affecting this package (14)
Vulnerability Summary Fixed by
VCID-1pke-t171-aaas
Aliases:
CVE-2015-0287
VC-OPENSSL-20150319-CVE-2015-0287
ASN.1 structure reuse memory corruption. Reusing a structure in ASN.1 parsing may allow an attacker to cause memory corruption via an invalid write. Such reuse is and has been strongly discouraged and is believed to be rare.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-1t6y-1zjy-aaae
Aliases:
CVE-2016-0704
VC-OPENSSL-20160301-CVE-2016-0704
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address the vulnerability CVE-2015-0293. s2_srvr.c overwrote the wrong bytes in the master-key when applying Bleichenbacher protection for export cipher suites. This provides a Bleichenbacher oracle, and could potentially allow more efficient variants of the DROWN attack.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-3d3c-x2ux-aaaa
Aliases:
CVE-2015-3195
VC-OPENSSL-20151203-CVE-2015-3195
When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.
1.0.0t
Affected by 0 other vulnerabilities.
1.0.1q
Affected by 22 other vulnerabilities.
1.0.2e
Affected by 50 other vulnerabilities.
VCID-69ax-cbdq-aaam
Aliases:
CVE-2015-1791
VC-OPENSSL-20150602-CVE-2015-1791
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data.
1.0.0s
Affected by 2 other vulnerabilities.
1.0.1n
Affected by 27 other vulnerabilities.
1.0.2b
Affected by 57 other vulnerabilities.
VCID-75pz-sunt-aaaa
Aliases:
CVE-2015-0209
VC-OPENSSL-20150319-CVE-2015-0209
Use After Free following d2i_ECPrivateKey error. A malformed EC private key file consumed via the d2i_ECPrivateKey function could cause a use after free condition. This, in turn, could cause a double free in several private key parsing functions (such as d2i_PrivateKey or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption for applications that receive EC private keys from untrusted sources. This scenario is considered rare.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-914k-6fj2-aaac
Aliases:
CVE-2015-0286
VC-OPENSSL-20150319-CVE-2015-0286
Segmentation fault in ASN1_TYPE_cmp. The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-9few-spp9-aaag
Aliases:
CVE-2015-0293
VC-OPENSSL-20150319-CVE-2015-0293
DoS via reachable assert in SSLv2 servers. A malicious client can trigger an OPENSSL_assert in servers that both support SSLv2 and enable export cipher suites by sending a specially crafted SSLv2 CLIENT-MASTER-KEY message.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-arc3-rhts-aaar
Aliases:
CVE-2015-1792
VC-OPENSSL-20150611-CVE-2015-1792
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
1.0.0s
Affected by 2 other vulnerabilities.
1.0.1n
Affected by 27 other vulnerabilities.
1.0.2b
Affected by 57 other vulnerabilities.
VCID-bsap-s527-aaaj
Aliases:
CVE-2015-0289
VC-OPENSSL-20150319-CVE-2015-0289
PKCS#7 NULL pointer dereference. The PKCS#7 parsing code does not handle missing outer ContentInfo correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing. Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-ftte-av19-aaad
Aliases:
CVE-2016-0703
VC-OPENSSL-20160301-CVE-2016-0703
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If clear-key bytes are present for these ciphers, they *displace* encrypted-key bytes. This leads to an efficient divide-and-conquer key recovery attack: if an eavesdropper has intercepted an SSLv2 handshake, they can use the server as an oracle to determine the SSLv2 master-key, using only 16 connections to the server and negligible computation. More importantly, this leads to a more efficient version of DROWN that is effective against non-export ciphersuites, and requires no significant computation.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
VCID-gydy-46kx-aaaf
Aliases:
CVE-2015-1789
VC-OPENSSL-20150611-CVE-2015-1789
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string. An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
1.0.0s
Affected by 2 other vulnerabilities.
1.0.1n
Affected by 27 other vulnerabilities.
1.0.2b
Affected by 57 other vulnerabilities.
VCID-hzh3-5uc4-aaap
Aliases:
CVE-2015-3196
VC-OPENSSL-20151203-CVE-2015-3196
If PSK identity hints are received by a multi-threaded client then the values are wrongly updated in the parent SSL_CTX structure. This can result in a race condition potentially leading to a double free of the identity hint data.
1.0.0t
Affected by 0 other vulnerabilities.
1.0.1p
Affected by 24 other vulnerabilities.
1.0.2d
Affected by 54 other vulnerabilities.
VCID-tc8g-det5-aaad
Aliases:
CVE-2015-1790
VC-OPENSSL-20150611-CVE-2015-1790
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing. Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
1.0.0s
Affected by 2 other vulnerabilities.
1.0.1n
Affected by 27 other vulnerabilities.
1.0.2b
Affected by 57 other vulnerabilities.
VCID-y49b-wcn4-aaaa
Aliases:
CVE-2015-0288
VC-OPENSSL-20150302-CVE-2015-0288
X509_to_X509_REQ NULL pointer deref. The function X509_to_X509_REQ will crash with a NULL pointer dereference if the certificate key is invalid. This function is rarely used in practice.
1.0.0r
Affected by 6 other vulnerabilities.
1.0.1m
Affected by 31 other vulnerabilities.
1.0.2a
Affected by 59 other vulnerabilities.
Vulnerabilities fixed by this package (8)
Vulnerability Summary Aliases
VCID-1bwf-h8y6-aaar A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. CVE-2015-0206
VC-OPENSSL-20150108-CVE-2015-0206
VCID-5g8u-a3pe-aaan OpenSSL accepts several non-DER variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match of the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint. This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected. CVE-2014-8275
VC-OPENSSL-20150105-CVE-2014-8275
VCID-7rx2-n4hr-aaan When OpenSSL is built with the no-ssl3 option and an SSL v3 ClientHello is received, the ssl method would be set to NULL, which could later result in a NULL pointer dereference. CVE-2014-3569
VC-OPENSSL-20141021-CVE-2014-3569
VCID-amba-4zuy-aaap A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. CVE-2014-3571
VC-OPENSSL-20150105-CVE-2014-3571
VCID-dhsz-kcke-aaan An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite. CVE-2014-3572
VC-OPENSSL-20150105-CVE-2014-3572
VCID-qnz6-p4f5-aaag An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered. CVE-2015-0205
VC-OPENSSL-20150108-CVE-2015-0205
VCID-vvuz-hvfa-aaae Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:
*) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms.
*) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1].
*) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected.
*) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.
CVE-2014-3570
VC-OPENSSL-20150108-CVE-2014-3570
VCID-xmkv-s3ye-aaae An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session. CVE-2015-0204
VC-OPENSSL-20150106-CVE-2015-0204

Date Actor Action Vulnerability Source VulnerableCode Version
2024-01-03T20:01:44.252644+00:00 OpenSSL Importer Fixing VCID-vvuz-hvfa-aaae https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:43.926473+00:00 OpenSSL Importer Fixing VCID-5g8u-a3pe-aaan https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:43.607037+00:00 OpenSSL Importer Fixing VCID-qnz6-p4f5-aaag https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:43.439115+00:00 OpenSSL Importer Fixing VCID-xmkv-s3ye-aaae https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:43.123191+00:00 OpenSSL Importer Fixing VCID-amba-4zuy-aaap https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:42.795370+00:00 OpenSSL Importer Fixing VCID-dhsz-kcke-aaan https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:42.526741+00:00 OpenSSL Importer Fixing VCID-7rx2-n4hr-aaan https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:42.415848+00:00 OpenSSL Importer Fixing VCID-1bwf-h8y6-aaar https://www.openssl.org/news/secadv/20150108.txt 34.0.0rc1
2024-01-03T20:01:42.206905+00:00 OpenSSL Importer Affected by VCID-y49b-wcn4-aaaa https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:41.831149+00:00 OpenSSL Importer Affected by VCID-75pz-sunt-aaaa https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:41.417268+00:00 OpenSSL Importer Affected by VCID-9few-spp9-aaag https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:40.784779+00:00 OpenSSL Importer Affected by VCID-bsap-s527-aaaj https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:40.402884+00:00 OpenSSL Importer Affected by VCID-1pke-t171-aaas https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:39.993657+00:00 OpenSSL Importer Affected by VCID-914k-6fj2-aaac https://www.openssl.org/news/secadv/20150319.txt 34.0.0rc1
2024-01-03T20:01:39.399177+00:00 OpenSSL Importer Affected by VCID-69ax-cbdq-aaam https://www.openssl.org/news/secadv/20150611.txt 34.0.0rc1
2024-01-03T20:01:39.002160+00:00 OpenSSL Importer Affected by VCID-arc3-rhts-aaar https://www.openssl.org/news/secadv/20150611.txt 34.0.0rc1
2024-01-03T20:01:38.610799+00:00 OpenSSL Importer Affected by VCID-tc8g-det5-aaad https://www.openssl.org/news/secadv/20150611.txt 34.0.0rc1
2024-01-03T20:01:38.224767+00:00 OpenSSL Importer Affected by VCID-gydy-46kx-aaaf https://www.openssl.org/news/secadv/20150611.txt 34.0.0rc1
2024-01-03T20:01:37.490127+00:00 OpenSSL Importer Affected by VCID-hzh3-5uc4-aaap https://www.openssl.org/news/secadv/20151203.txt 34.0.0rc1
2024-01-03T20:01:37.227183+00:00 OpenSSL Importer Affected by VCID-3d3c-x2ux-aaaa https://www.openssl.org/news/secadv/20151203.txt 34.0.0rc1
2024-01-03T20:01:36.425954+00:00 OpenSSL Importer Affected by VCID-1t6y-1zjy-aaae https://www.openssl.org/news/secadv/20160301.txt 34.0.0rc1
2024-01-03T20:01:36.053429+00:00 OpenSSL Importer Affected by VCID-ftte-av19-aaad https://www.openssl.org/news/secadv/20160301.txt 34.0.0rc1