exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2018-0733

почти 8 лет назад

Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).

CVSS3: 5.9

EPSS: Низкий

CVE-2018-0733

почти 8 лет назад

CVSS3: 4.8

EPSS: Низкий

CVE-2018-0733

почти 8 лет назад

CVSS3: 5.9

EPSS: Низкий

CVE-2018-0733

почти 8 лет назад

Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...

CVSS3: 5.9

EPSS: Низкий

GHSA-j66x-3v7r-hj5f

больше 3 лет назад

CVSS3: 5.9

EPSS: Низкий

BDU:2019-01882

почти 8 лет назад

Уязвимость функции PA-RISC CRYPTO_memcmp библиотеки OpenSSL, позволяющая нарушителю формировать поддельные сообщения

CVSS3: 5.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-0733 Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).	CVSS3: 5.9	2% Низкий	почти 8 лет назад
CVE-2018-0733 Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).	CVSS3: 4.8	2% Низкий	почти 8 лет назад
CVE-2018-0733 Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).	CVSS3: 5.9	2% Низкий	почти 8 лет назад
CVE-2018-0733 Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ...	CVSS3: 5.9	2% Низкий	почти 8 лет назад
GHSA-j66x-3v7r-hj5f Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).	CVSS3: 5.9	2% Низкий	больше 3 лет назад
BDU:2019-01882 Уязвимость функции PA-RISC CRYPTO_memcmp библиотеки OpenSSL, позволяющая нарушителю формировать поддельные сообщения	CVSS3: 5.9	2% Низкий	почти 8 лет назад

Уязвимостей на страницу