CPE-2D1E0E12-D678-48DB-AB6E-B8FC141F4909 Detail

CPE Details

OpenBSD LibreSSL 2.0.1

Vendor

openbsd

Product

libressl

Version

2.0.1

Created

2019-06-03
16h04 +00:00

Modified

2019-06-03
16h04 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:openbsd:libressl:2.0.1:::::::*

Informations

Vendor

openbsd

Product

libressl

Version

2.0.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-35784	2023-06-15 22h00 +00:00	A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.	9.8	Critical
CVE-2021-46880	2023-04-14 00h00 +00:00	x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.	9.8	Critical
CVE-2022-48437	2023-04-12 00h00 +00:00	An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate.	5.3	Medium
CVE-2021-41581	2021-09-24 00h12 +00:00	x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.	5.5	Medium
CVE-2015-5333	2020-01-23 19h12 +00:00	Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.	7.5	High
CVE-2015-5334	2020-01-23 18h56 +00:00	Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508.	9.8	Critical
CVE-2018-12434	2018-06-15 02h00 +00:00	LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.	4.7	Medium
CVE-2014-9424	2014-12-29 00h00 +00:00	Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake.	7.5

OpenBSD LibreSSL 2.0.1

CPE Details

CPE Name: cpe:2.3:a:openbsd:libressl:2.0.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:openbsd:libressl:2.0.1:::::::*