Количество 31
Количество 31
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
CVE-2022-2097
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ...
SUSE-SU-2022:2328-1
Security update for openssl-1_1
SUSE-SU-2022:2312-1
Security update for openssl-1_1
SUSE-SU-2022:2311-1
Security update for openssl-1_1
GHSA-3wx7-46ch-7rq2
AES OCB fails to encrypt some bytes
BDU:2022-04284
Уязвимость режима AES OCB библиотеки OpenSSL, позволяющая нарушителю раскрыть защищаемую информацию
SUSE-SU-2022:2309-1
Security update for openssl
SUSE-SU-2022:2308-1
Security update for openssl-1_1
RLSA-2022:5818
Moderate: openssl security update
ELSA-2022-9683
ELSA-2022-9683: openssl security update (MODERATE)
ELSA-2022-5818
ELSA-2022-5818: openssl security update (MODERATE)
SUSE-SU-2022:2417-1
Security update for nodejs12
ELSA-2022-9751
ELSA-2022-9751: openssl security update (MODERATE)
ELSA-2022-6224
ELSA-2022-6224: openssl security and bug fix update (MODERATE)
SUSE-SU-2022:2306-1
Security update for openssl-3
ELSA-2022-9955
ELSA-2022-9955: GraalVM Security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-2097 AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). | CVSS3: 5.3 | 0% Низкий | около 3 лет назад |
 | CVE-2022-2097 AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). | CVSS3: 5.3 | 0% Низкий | около 3 лет назад |
 | CVE-2022-2097 AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). | CVSS3: 5.3 | 0% Низкий | около 3 лет назад |
 | CVSS3: 5.3 | 0% Низкий | около 3 лет назад | |
| CVE-2022-2097 AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ... | CVSS3: 5.3 | 0% Низкий | около 3 лет назад |
 | SUSE-SU-2022:2328-1 Security update for openssl-1_1 | 0% Низкий | около 3 лет назад | |
| SUSE-SU-2022:2312-1 Security update for openssl-1_1 | 0% Низкий | около 3 лет назад | |
| SUSE-SU-2022:2311-1 Security update for openssl-1_1 | 0% Низкий | около 3 лет назад | |
| GHSA-3wx7-46ch-7rq2 AES OCB fails to encrypt some bytes | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
 | BDU:2022-04284 Уязвимость режима AES OCB библиотеки OpenSSL, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 3.7 | 0% Низкий | около 3 лет назад |
| SUSE-SU-2022:2309-1 Security update for openssl | около 3 лет назад | ||
| SUSE-SU-2022:2308-1 Security update for openssl-1_1 | около 3 лет назад | ||
 | RLSA-2022:5818 Moderate: openssl security update | около 3 лет назад | ||
| ELSA-2022-9683 ELSA-2022-9683: openssl security update (MODERATE) | около 3 лет назад | ||
| ELSA-2022-5818 ELSA-2022-5818: openssl security update (MODERATE) | около 3 лет назад | ||
| SUSE-SU-2022:2417-1 Security update for nodejs12 | около 3 лет назад | ||
| ELSA-2022-9751 ELSA-2022-9751: openssl security update (MODERATE) | почти 3 года назад | ||
| ELSA-2022-6224 ELSA-2022-6224: openssl security and bug fix update (MODERATE) | почти 3 года назад | ||
| SUSE-SU-2022:2306-1 Security update for openssl-3 | около 3 лет назад | ||
| ELSA-2022-9955 ELSA-2022-9955: GraalVM Security update (IMPORTANT) | почти 3 года назад |
Уязвимостей на страницу