Latest openbsd libressl Vulnerabilities

CVE-2023-35784
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affect...
Openbsd Libressl<3.6.3
Openbsd Libressl>=3.7.0<3.7.3
Openbsd Openbsd=7.2
Openbsd Openbsd=7.3
CVE-2021-46880
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Openbsd Libressl<3.4.2
Openbsd Openbsd<7.0
CVE-2022-48437
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verific...
Openbsd Libressl<3.6.1
Openbsd Openbsd<7.2
CVE-2021-41581
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' ...
Openbsd Libressl<=3.4.0
CVE-2019-25049
Openbsd Libressl>=2.9.1<=3.2.1
Linux Linux kernel
CVE-2019-25048
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
Openbsd Libressl>=2.9.1<=3.2.1
Linux Linux kernel
CVE-2015-5334
LibreSSL. Multiple issues were addressed by updating to libressl version 2.6.4.
Apple macOS Mojave<10.14
Openbsd Libressl<2.3.1
openSUSE openSUSE=13.2
CVE-2015-5333
LibreSSL. Multiple issues were addressed by updating to libressl version 2.6.4.
Apple macOS Mojave<10.14
Openbsd Libressl<2.3.1
openSUSE openSUSE=13.2
CVE-2018-12434
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacke...
Openbsd Libressl<2.6.5
Openbsd Libressl=2.7.0
Openbsd Libressl=2.7.1
Openbsd Libressl=2.7.2
Openbsd Libressl=2.7.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203