| CVE-2022-3602 |
high |
— |
8.0 |
|
|
|
4y ago |
Important: openssl security update |
| CVE-2022-3786 |
high |
— |
8.0 |
|
|
|
4y ago |
Important: openssl security update |
| CVE-2021-3711 |
high |
— |
8.0 |
|
|
|
5y ago |
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "o… |
| CVE-2021-3449 |
high |
— |
8.0 |
|
|
|
5y ago |
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where i… |
| CVE-2021-3450 |
high |
— |
8.0 |
|
|
|
5y ago |
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disal… |
| CVE-2020-1967 |
high |
— |
8.0 |
|
|
|
6y ago |
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signat… |
| CVE-2022-0778 |
high |
7.5 |
7.5 |
|
|
|
4y ago |
Important: openssl security update |
| CVE-2023-0401 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-4203 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-4304 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-4450 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0215 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0216 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0217 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0286 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-2097 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-1343 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-1473 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: openssl security and bug fix update |
| CVE-2021-4044 |
medium |
— |
5.5 |
|
|
|
5y ago |
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (… |
| CVE-2021-3712 |
medium |
— |
5.5 |
|
|
|
5y ago |
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C… |
| CVE-2021-23841 |
medium |
— |
5.5 |
|
|
|
5y ago |
Moderate: edk2 security, bug fix, and enhancement update |
| CVE-2021-23840 |
medium |
— |
5.5 |
|
|
|
5y ago |
Moderate: edk2 security, bug fix, and enhancement update |
| CVE-2022-3358 |
low |
— |
3.5 |
|
|
|
4y ago |
Low: openssl security and bug fix update |