Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
m2crypto vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0127
M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDSA_verify, DSA_do_verify, and ECDSA_do_verify functions, which might allow remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature, a ...
Heikkitoivonen M2crypto -
7.5
CVSSv3
CVE-2023-50781
A flaw was found in m2crypto. This issue may allow a remote malicious user to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Update Infrastructure 4
M2crypto Project M2crypto -
5.9
CVSSv3
CVE-2020-25657
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.
M2crypto Project M2crypto
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Virtualization 4.0
Fedoraproject Fedora 33
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started