CVE search results

221 – 230 of 282 results

Detailed view

Sort by:

CVE-2011-4577

Medium priority

Fixed

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with...

2 affected packages

openssl, openssl098

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—
openssl098	—	—	—	—

CVE-2011-4576

Low priority

Fixed

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the...

2 affected packages

openssl, openssl098

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—
openssl098	—	—	—	—

CVE-2011-4109

Medium priority

Fixed

Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.

2 affected packages

openssl, openssl098

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—
openssl098	—	—	—	—

CVE-2011-4108

Medium priority

Fixed

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.

2 affected packages

openssl, openssl098

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—
openssl098	—	—	—	—

CVE-2011-3389

Low priority

Some fixes available 11 of 21

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

9 affected packages

gnutls26, icedtea-web, lighttpd, openjdk-6, openjdk-6b18...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gnutls26	—	—	—	—
icedtea-web	—	—	—	—
lighttpd	—	—	—	—
openjdk-6	—	—	—	—
openjdk-6b18	—	—	—	—
openjdk-7	—	—	—	—
openssl	—	—	—	—
sun-java5	—	—	—	—
sun-java6	—	—	—	—

CVE-2011-3207

Low priority

Not affected

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.

1 affected package

openssl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—

CVE-2011-3210

Medium priority

Fixed

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a...

1 affected package

openssl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—

CVE-2011-1945

Low priority

Fixed

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary...

1 affected package

openssl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—

CVE-2011-0014

Medium priority

Fixed

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed...

1 affected package

openssl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—

CVE-2008-7270

Medium priority

Fixed

OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of a disabled cipher via vectors...

1 affected package

openssl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openssl	—	—	—	—

Export to JSON

Results by page:

Search CVE reports