VulnerableCode Package Details - pkg:openssl/openssl@1.0.0t

Search for packages

Package details: pkg:openssl/openssl@1.0.0t

Essentials
History (2)

purl	pkg:openssl/openssl@1.0.0t

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-3d3c-x2ux-aaaa	When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.	CVE-2015-3195 VC-OPENSSL-20151203-CVE-2015-3195
VCID-hzh3-5uc4-aaap	If PSK identity hints are received by a multi-threaded client then the values are wrongly updated in the parent SSL_CTX structure. This can result in a race condition potentially leading to a double free of the identify hint data.	CVE-2015-3196 VC-OPENSSL-20151203-CVE-2015-3196

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-01-03T20:01:37.508906+00:00	OpenSSL Importer	Fixing	VCID-hzh3-5uc4-aaap	https://www.openssl.org/news/secadv/20151203.txt	34.0.0rc1
2024-01-03T20:01:37.247304+00:00	OpenSSL Importer	Fixing	VCID-3d3c-x2ux-aaaa	https://www.openssl.org/news/secadv/20151203.txt	34.0.0rc1