CRITICAL9.8CVE-2022-3602X.509 Email Address 4-byte Buffer Overflow >= 300.0.0, < 300.0.11
CRITICAL9.8CVE-2022-3602X.509 Email Address 4-byte Buffer Overflow >= 300.0.0, < 300.0.11
CRITICAL9.8CVE-2022-2274Heap memory corruption with RSA private key operation >= 300.0.8, < 300.0.9
CRITICAL9.8Heap memory corruption with RSA private key operation
>= 300.0.8, < 300.0.9
CRITICAL9.8openssl - security update
>= 0.0.0-0, < 111.16.0
CRITICAL9.8openssl - security update
from 0, < 111.16.0
CRITICAL9.1X.509 Name Constraints Read Buffer Overflow
>= 300.0.0, < 300.0.12
CRITICAL9.1X.509 Name Constraints Read Buffer Overflow
>= 300.0.0, < 300.0.12
HIGH7.5Use-after-free following `BIO_new_NDEF`
from 0, < 111.25.0
HIGH7.5Use-after-free following `BIO_new_NDEF`
>= 0.0.0-0, < 111.25.0, >= 300.0.0, < 300.0.12
HIGH7.5Invalid pointer dereference in `d2i_PKCS7` functions
>= 300.0.0, < 300.0.12
HIGH7.5Invalid pointer dereference in `d2i_PKCS7` functions
>= 300.0.0, < 300.0.12
HIGH7.5Double free after calling `PEM_read_bio_ex`
>= 0.0.0-0, < 111.25.0, >= 300.0.0, < 300.0.12
HIGH7.5Double free after calling `PEM_read_bio_ex`
from 0, < 111.25.0
HIGH7.5`NULL` dereference validating DSA public key
>= 300.0.0, < 300.0.12
HIGH7.5`NULL` dereference validating DSA public key
>= 300.0.0, < 300.0.12
HIGH7.5`NULL` dereference during PKCS7 data verification
>= 300.0.0, < 300.0.12
HIGH7.5`NULL` dereference during PKCS7 data verification
>= 300.0.0, < 300.0.12
HIGH7.5Denial of service by double-checked locking in openssl-src
>= 300.0.0, < 300.0.12
HIGH7.5X.509 Email Address Variable Length Buffer Overflow
>= 300.0.0, < 300.0.11
HIGH7.5X.509 Email Address Variable Length Buffer Overflow
>= 300.0.0, < 300.0.11
HIGH7.5Using a Custom Cipher with `NID_undef` may lead to NULL encryption
>= 300.0.0, < 300.0.10
HIGH7.5Using a Custom Cipher with `NID_undef` may lead to NULL encryption
>= 300.0.0, < 300.0.10
HIGH7.5openssl - security update
from 0, < 111.22.0
HIGH7.5openssl - security update
>= 0.0.0-0, < 111.22.0, >= 300.0.0, < 300.0.9
HIGH7.5Resource leakage when decoding certificates and keys
>= 300.0.0, < 300.0.6
HIGH7.5Resource leakage when decoding certificates and keys
>= 300.0.0, < 300.0.6
HIGH7.5openssl1.0 - security update
>= 300.0.0, < 300.0.5
HIGH7.5openssl1.0 - security update
>= 0.0.0-0, < 111.18.0, >= 300.0.0, < 300.0.5
HIGH7.5Invalid handling of `X509_verify_cert()` internal errors in libssl
>= 300.0.0, < 300.0.4
HIGH7.5Invalid handling of `X509_verify_cert()` internal errors in libssl
>= 300.0.0, < 300.0.4
HIGH7.5openssl1.0 - security update
>= 0.0.0-0, < 111.14.0
HIGH7.5openssl1.0 - security update
from 0, < 111.14.0
HIGH7.5openssl - security update
>= 111.6.0, < 111.9.0
HIGH7.5openssl - security update
>= 111.6.0, < 111.9.0
HIGH7.4X.400 address type confusion in X.509 `GeneralName`
from 0, < 111.25.0
HIGH7.4X.400 address type confusion in X.509 `GeneralName`
>= 0.0.0-0, < 111.25.0, >= 300.0.0, < 300.0.12
HIGH7.4openssl1.0 - security update
from 0, < 111.16.0
HIGH7.4openssl1.0 - security update
>= 0.0.0-0, < 111.16.0
HIGH7.4CA certificate check bypass with X509_V_FLAG_X509_STRICT
>= 111.11.0, < 111.15.0
HIGH7.4CA certificate check bypass with X509_V_FLAG_X509_STRICT
>= 111.11.0, < 111.15.0
MEDIUM5.9Timing Oracle in RSA Decryption
>= 0.0.0-0, < 111.25.0, >= 300.0.0, < 300.0.12
MEDIUM5.9Timing Oracle in RSA Decryption
from 0, < 111.25.0
MEDIUM5.9Incorrect MAC key used in the RC4-MD5 ciphersuite
>= 300.0.0, < 300.0.6
MEDIUM5.9Incorrect MAC key used in the RC4-MD5 ciphersuite
>= 300.0.0, < 300.0.6
MEDIUM5.9openssl - security update
from 0, < 111.15.0
MEDIUM5.9openssl - security update
>= 0.0.0-0, < 111.15.0
MEDIUM5.9Null pointer deref in `X509_issuer_and_serial_hash()`
from 0, < 111.14.0
MEDIUM5.9Null pointer deref in `X509_issuer_and_serial_hash()`
>= 0.0.0-0, < 111.14.0
MEDIUM5.3`OCSP_basic_verify` may incorrectly verify the response signing certificate
>= 300.0.0, < 300.0.6
MEDIUM5.3`OCSP_basic_verify` may incorrectly verify the response signing certificate
>= 300.0.0, < 300.0.6