CVE-2024-0727: OpenSSL Denial of Service Vulnerability due to Malformed PKCS12 Files
Issue Summary
Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash, resulting in a potential Denial of Service (DoS) attack. Applications that load
CVE-2023-5678: Denial of Service Vulnerability in Excessively Long X9.42 DH Key Generation and Checking Functions
A vulnerability has been discovered in the OpenSSL library that can lead to Denial of Service (DoS) attacks due to the excessively long X9.42
CVE-2023-5363: Critical Bug Identified in Key and Initialization Vector (IV) Processing in OpenSSL 3.1 and 3. - How to Mitigate the Security Risk
A critical security bug, identified as CVE-2023-5363, has been discovered in OpenSSL 3.1 and 3., affecting the processing of key and initialization vector (IV)
CVE-2023-4807 - OpenSSL POLY1305 MAC Implementation Bug Impacting Application State on Windows 64 Platforms
The POLY1305 MAC (message authentication code) implementation in OpenSSL has been found to contain a bug that might corrupt the internal state of applications running
CVE-2023-3817 - OpenSSL Vulnerability: Excessively Long DH Key Checks May Lead to Denial of Service Attacks
The OpenSSL project has identified a vulnerability (CVE-2023-3817) that affects applications using functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check