Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-g89j-86gv-84w2

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 5.9

Описание

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

Ссылки

EPSS

Процентиль: 92%
0.09365
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVSS3: 5.9
ubuntu
почти 9 лет назад

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

CVSS3: 5.9
redhat
почти 9 лет назад

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

CVSS3: 5.9
nvd
почти 9 лет назад

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

CVSS3: 5.9
debian
почти 9 лет назад

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2 ...

CVSS3: 5.9
fstec
почти 9 лет назад

Уязвимость библиотеки OpenSSL, связанная с чтением за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 92%
0.09365
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-125