CVE-2017-1000417

Опубликовано: 22 янв. 2018

Источник: debian

EPSS Низкий

Описание

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
matrixssl	removed			package
matrixssl	end-of-life		wheezy	package

EPSS

Процентиль: 36%

0.00149

Низкий

Связанные уязвимости

CVE-2017-1000417

CVSS3: 5.3

ubuntu

около 8 лет назад

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

CVE-2017-1000417

CVSS3: 5.3

nvd

около 8 лет назад

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

GHSA-6p29-jhc3-fmfm

CVSS3: 5.3

github

больше 3 лет назад

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

EPSS

Процентиль: 36%

0.00149

Низкий