Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libressl vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2018-12434
LibreSSL prior to 2.6.5 and 2.7.x prior to 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on...
Openbsd Libressl 2.7.2
Openbsd Libressl 2.7.1
Openbsd Libressl 2.7.0
Openbsd Libressl
Openbsd Libressl 2.7.3
5.3
CVSSv3
CVE-2017-8301
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
Openbsd Libressl 2.5.2
Openbsd Libressl 2.5.3
Openbsd Libressl 2.5.1
NA
CVE-2014-9424
Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL prior to 2.1.2 allows remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during proce...
Openbsd Libressl
5.5
CVSSv3
CVE-2021-41581
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL up to and including 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.
Openbsd Libressl
7.1
CVSSv3
CVE-2019-25048
LibreSSL 2.9.1 up to and including 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
Openbsd Libressl
7.1
CVSSv3
CVE-2019-25049
LibreSSL 2.9.1 up to and including 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
Openbsd Libressl
7.4
CVSSv3
CVE-2018-8970
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 prior to 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle malicious users ...
Openbsd Libressl 2.7.0
1 Github repository
5.3
CVSSv3
CVE-2022-48437
An issue exists in x509/x509_verify.c in LibreSSL prior to 3.6.1, and in OpenBSD prior to 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there...
Openbsd Openbsd
Openbsd Libressl
9.8
CVSSv3
CVE-2021-46880
x509/x509_verify.c in LibreSSL prior to 3.4.2, and OpenBSD prior to 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Openbsd Openbsd
Openbsd Libressl
7.5
CVSSv3
CVE-2015-5333
Memory leak in the OBJ_obj2txt function in LibreSSL prior to 2.3.1 allows remote malicious users to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
Openbsd Libressl
Opensuse Opensuse 13.2
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »