Search for packages
| purl | pkg:alpm/archlinux/openssl@1.1.0.c-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-j6bv-cdqn-aaan | Applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings. Only CHOICE structures using a callback which do not handle NULL value are affected. |
CVE-2016-7053
VC-OPENSSL-20161110-CVE-2016-7053 |
| VCID-pqvw-s72q-aaam | TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS. |
CVE-2016-7054
VC-OPENSSL-20161110-CVE-2016-7054 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:15.858052+00:00 | Arch Linux Importer | Fixing | VCID-j6bv-cdqn-aaan | https://security.archlinux.org/AVG-143 | 36.0.0 |
| 2025-03-28T07:46:15.839527+00:00 | Arch Linux Importer | Fixing | VCID-pqvw-s72q-aaam | https://security.archlinux.org/AVG-143 | 36.0.0 |
| 2024-09-18T02:01:26.919637+00:00 | Arch Linux Importer | Fixing | VCID-j6bv-cdqn-aaan | https://security.archlinux.org/AVG-143 | 34.0.1 |
| 2024-09-18T02:01:26.893803+00:00 | Arch Linux Importer | Fixing | VCID-pqvw-s72q-aaam | https://security.archlinux.org/AVG-143 | 34.0.1 |
| 2024-01-03T22:27:36.639870+00:00 | Arch Linux Importer | Fixing | VCID-j6bv-cdqn-aaan | https://security.archlinux.org/AVG-143 | 34.0.0rc1 |
| 2024-01-03T22:27:36.620718+00:00 | Arch Linux Importer | Fixing | VCID-pqvw-s72q-aaam | https://security.archlinux.org/AVG-143 | 34.0.0rc1 |