Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2018-16395

Опубликовано: 25 сент. 2020
Источник: msrc
CVSS3: 9.8
EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 91%
0.06913
Низкий

9.8 Critical

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-16395

CVSS3: 9.8
ubuntu
почти 7 лет назад

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

redhat логотип

CVE-2018-16395

CVSS3: 7.5
redhat
почти 7 лет назад

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

nvd логотип

CVE-2018-16395

CVSS3: 9.8
nvd
почти 7 лет назад

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

debian логотип

CVE-2018-16395

CVSS3: 9.8
debian
почти 7 лет назад

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2 ...

github логотип

GHSA-mmrq-6999-72v8

CVSS3: 9.8
github
больше 3 лет назад

Ruby Openssl Allows Incorrect Value Comparison

EPSS

Процентиль: 91%
0.06913
Низкий

9.8 Critical

CVSS3