Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libressl vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2018-12434
LibreSSL prior to 2.6.5 and 2.7.x prior to 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on...
Openbsd Libressl 2.7.2
Openbsd Libressl 2.7.1
Openbsd Libressl 2.7.0
Openbsd Libressl
Openbsd Libressl 2.7.3
2.6
CVSSv2
CVE-2017-8301
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
Openbsd Libressl 2.5.2
Openbsd Libressl 2.5.3
Openbsd Libressl 2.5.1
7.5
CVSSv2
CVE-2014-9424
Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL prior to 2.1.2 allows remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during proce...
Openbsd Libressl
4.3
CVSSv2
CVE-2021-41581
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL up to and including 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.
Openbsd Libressl
5.8
CVSSv2
CVE-2019-25048
LibreSSL 2.9.1 up to and including 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
Openbsd Libressl
5.8
CVSSv2
CVE-2019-25049
LibreSSL 2.9.1 up to and including 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
Openbsd Libressl
5.8
CVSSv2
CVE-2018-8970
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 prior to 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle malicious users ...
Openbsd Libressl 2.7.0
1 Github repository
NA
CVE-2022-48437
An issue exists in x509/x509_verify.c in LibreSSL prior to 3.6.1, and in OpenBSD prior to 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there...
Openbsd Openbsd
Openbsd Libressl
NA
CVE-2021-46880
x509/x509_verify.c in LibreSSL prior to 3.4.2, and OpenBSD prior to 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Openbsd Openbsd
Openbsd Libressl
5
CVSSv2
CVE-2015-5333
Memory leak in the OBJ_obj2txt function in LibreSSL prior to 2.3.1 allows remote malicious users to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
Openbsd Libressl
Opensuse Opensuse 13.2
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »