Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-2106

Опубликовано: 05 мая 2016
Источник: ubuntu
Приоритет: low
EPSS Средний
CVSS2: 5
CVSS3: 7.5

Описание

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

РелизСтатусПримечание
artful

released

1.0.2g-1ubuntu5
bionic

released

1.0.2g-1ubuntu5
cosmic

released

1.0.2g-1ubuntu5
devel

released

1.0.2g-1ubuntu5
disco

released

1.0.2g-1ubuntu5
esm-infra-legacy/trusty

not-affected

1.0.1f-1ubuntu2.19
esm-infra/bionic

not-affected

1.0.2g-1ubuntu5
esm-infra/xenial

not-affected

1.0.2g-1ubuntu4.1
precise

released

1.0.1-4ubuntu5.36
precise/esm

not-affected

1.0.1-4ubuntu5.36

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

ignored

end of standard support
trusty/esm

DNE

trusty was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%
0.6302
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-2106

CVSS3: 5.6
redhat
около 9 лет назад

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

nvd логотип

CVE-2016-2106

CVSS3: 7.5
nvd
около 9 лет назад

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

debian логотип

CVE-2016-2106

CVSS3: 7.5
debian
около 9 лет назад

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_e ...

github логотип

GHSA-j7jq-c44j-q74h

CVSS3: 7.5
github
около 3 лет назад

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

fstec логотип

BDU:2020-02961

CVSS3: 7.5
fstec
около 9 лет назад

Уязвимость функции EVP_EncodeUpdate (crypto/evp/evp_enc.c) библиотеки OpenSSL, связанная с ошибкой при обработке числа, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 98%
0.6302
Средний

5 Medium

CVSS2

7.5 High

CVSS3