CVE-2023-6237: Addressing the Risk of DoS Attacks due to Excessively Long Invalid RSA Public Keys
CVE-2023-6237 is a security vulnerability discovered within the crypto library OpenSSL, impacting applications that use the function EVP_PKEY_public_check() to validate RSA public
CVE-2024-0727: OpenSSL Denial of Service Vulnerability due to Malformed PKCS12 Files
Issue Summary
Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash, resulting in a potential Denial of Service (DoS) attack. Applications that load
CVE-2023-5678: Denial of Service Vulnerability in Excessively Long X9.42 DH Key Generation and Checking Functions
A vulnerability has been discovered in the OpenSSL library that can lead to Denial of Service (DoS) attacks due to the excessively long X9.42
CVE-2023-5363: Critical Bug Identified in Key and Initialization Vector (IV) Processing in OpenSSL 3.1 and 3. - How to Mitigate the Security Risk
A critical security bug, identified as CVE-2023-5363, has been discovered in OpenSSL 3.1 and 3., affecting the processing of key and initialization vector (IV)
CVE-2023-4807 - OpenSSL POLY1305 MAC Implementation Bug Impacting Application State on Windows 64 Platforms
The POLY1305 MAC (message authentication code) implementation in OpenSSL has been found to contain a bug that might corrupt the internal state of applications running