CVE-2016-7052

Опубликовано: 26 сент. 2016

Источник: debian

EPSS Низкий

Описание

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
openssl	fixed	1.0.2j-1		package
openssl	not-affected		jessie	package
openssl	not-affected		wheezy	package

Примечания

https://www.openssl.org/news/secadv/20160926.txt

EPSS

Процентиль: 92%

0.0918

Низкий

Связанные уязвимости

CVE-2016-7052

CVSS3: 7.5

ubuntu

почти 9 лет назад

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

CVE-2016-7052

CVSS3: 7.5

redhat

почти 9 лет назад

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

CVE-2016-7052

CVSS3: 7.5

nvd

почти 9 лет назад

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

GHSA-9wm3-5vv7-j93j

CVSS3: 7.5

github

около 3 лет назад

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

SUSE-SU-2016:2470-2

suse-cvrf

почти 9 лет назад

Security update for nodejs4

EPSS

Процентиль: 92%

0.0918

Низкий