CPE-A65256A5-2320-4725-A8E4-29D66B6178EF Detail

CPE Details

OpenSSL Project OpenSSL 3.1.5

Vendor

openssl

Product

openssl

Version

3.1.5

Created

2023-12-08
23h30 +00:00

Modified

2023-12-08
23h30 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:openssl:openssl:3.1.5:::::::*

Informations

Vendor

openssl

Product

openssl

Version

3.1.5

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2019-0190	2019-01-30 22h00 +00:00	A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.	7.5	High
CVE-2009-3765	2009-10-23 19h00 +00:00	mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.	6.8
CVE-2009-3766	2009-10-23 17h00 +00:00	mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.	6.8
CVE-2009-3767	2009-10-23 17h00 +00:00	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.	4.3
CVE-2009-1390	2009-06-16 18h26 +00:00	Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trusted servers via a man-in-the-middle attack.	6.8

OpenSSL Project OpenSSL 3.1.5

CPE Details

CPE Name: cpe:2.3:a:openssl:openssl:3.1.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:openssl:openssl:3.1.5:::::::*