OpenSSL Software Foundation OpenSSL vulnerabilities
5 known vulnerabilities affecting openssl_software_foundation/openssl.
Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 3
Vulnerabilities
CVE-2017-3738 | HIGH | CVSS 7.5 | v1.0.2-1.02m | v1.1.0-1.1.0g | 2017-12-07
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, bec
cvelistv5
CVE-2017-3737 | MEDIUM | CVSS 5.9 | CWE-125 | v1.0.2b-1.0.2m | 2017-12-07
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_acc
cvelistv5, nvd
CVE-2017-3736 | MEDIUM | CVSS 6.5 | CWE-200 | v1.1.0 - 1.1.0f | v1.0.2 - 1.0.2l | 2017-11-02
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (alth
cvelistv5, nvd
CVE-2017-3735 | MEDIUM | CVSS 5.3 | CWE-119 | v1.1.0 | v1.0.2 | 2017-08-28
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
cvelistv5, nvd
CVE-2015-3193 | HIGH | CVSS 7.5 | CWE-200 | v1.0.2-1.02m | v1.1.0-1.1.0g | 2015-12-06
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hel
nvd