from 0, < 1.0.1g-1
from 0, < 1.0.1e-2+deb7u5
[CRITICAL 9.8] CVE-2026-45447 Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.
from 0
[CRITICAL 9.8] Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platfor…
from 0, < 3.0.19-1~deb12u2
[CRITICAL 9.8] X.509 Email Address 4-byte Buffer Overflow
from 0, < 3.0.7-1
[CRITICAL 9.8] Heap memory corruption with RSA private key operation
from 0, < 3.0.4-2
[CRITICAL 9.8] openssl - security update
from 0, < 1.1.1d-0+deb10u7
[CRITICAL 9.8] openssl - security update
from 0, < 1.1.1k-1+deb11u1
[CRITICAL 9.8] pound - security update
from 0, < 0.9.8k-6
[CRITICAL 9.8] pound - security update
from 0, < 0.9.8g-15+lenny11
[CRITICAL 9.8] Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of…
from 0, < 1.0.2i-1
[CRITICAL 9.8] The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote att…
from 0, < 1.0.2i-1
[CRITICAL 9.8] openssl - security update
from 0, < 1.0.2i-1
[CRITICAL 9.8] openssl - security update
from 0, < 1.0.1t-1+deb8u4
[CRITICAL 9.8] openssl - security update
from 0, < 1.0.1t-1+deb7u1
[CRITICAL 9.8] The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a deni…
from 0, < 1.0.2c-1
[CRITICAL 9.8] The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memo…
from 0, < 1.0.2g-1
[CRITICAL 9.8] The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, wh…
from 0, < 1.0.2g-1
[CRITICAL 9.8] Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g…
from 0, < 1.0.2g-1
[CRITICAL 9.8] Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code…
from 0, < 0.9.7c
[CRITICAL 9.1] Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fi…
from 0
[CRITICAL 9.1] Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or…
from 0, < 1.1.1w-0+deb11u2
[CRITICAL 9.1] X.509 Name Constraints Read Buffer Overflow
from 0, < 3.0.8-1
[HIGH 8.8] openssl - security update
from 0, < 3.0.18-1~deb12u2
[HIGH 8.8] openssl - security update
from 0, < 3.0.18-1~deb12u2
[HIGH 8.1] Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap…
from 0
[HIGH 8.1] Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE…
from 0
[HIGH 7.5] Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied i…
from 0
[HIGH 7.5] Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause…
from 0
[HIGH 7.5] Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL de…
from 0
[HIGH 7.5] Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen str…
from 0
[HIGH 7.5] Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with…
from 0, < 3.5.6-1~deb13u2
[HIGH 7.5] Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frame…
from 0, < 3.5.6-1~deb13u2
[HIGH 7.5] Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memor…
from 0, < 3.0.19-1~deb12u2
[HIGH 7.5] Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happe…
from 0
[HIGH 7.5] Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen.
from 0
[HIGH 7.5] Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the r…
from 0
[HIGH 7.5] Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds…
from 0, < 3.6.2-1
[HIGH 7.5] Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function.
from 0, < 1.1.1w-0+deb11u5
[HIGH 7.5] Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accesse…
from 0, < 1.1.1w-0+deb11u5
[HIGH 7.5] openssl - security update
from 0, < 3.0.17-1~deb12u3
[HIGH 7.5] openssl - security update
from 0, < 1.1.1w-0+deb11u4
[HIGH 7.5] openssl - security update
from 0, < 1.1.1w-0+deb11u4
[HIGH 7.5] Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situatio…
from 0, < 1.1.1w-0+deb11u2
[HIGH 7.5] openssl - security update
from 0, < 3.0.14-1~deb12u2
[HIGH 7.5] openssl - security update
from 0, < 3.0.14-1~deb12u2
[HIGH 7.5] openssl - security update
from 0, < 3.0.11-1~deb12u2
[HIGH 7.5] openssl - security update
from 0, < 3.0.11-1~deb12u2
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb11u5
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb10u5
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb11u5
[HIGH 7.5] Use-after-free following `BIO_new_NDEF`
from 0, < 1.1.1n-0+deb11u4
[HIGH 7.5] Invalid pointer dereference in `d2i_PKCS7` functions
from 0, < 3.0.8-1
[HIGH 7.5] Double free after calling `PEM_read_bio_ex`
from 0, < 1.1.1n-0+deb11u4
[HIGH 7.5] `NULL` dereference validating DSA public key
from 0, < 3.0.8-1
[HIGH 7.5] `NULL` dereference during PKCS7 data verification
from 0, < 3.0.8-1
[HIGH 7.5] Denial of service by double-checked locking in openssl-src
from 0, < 3.0.7-2
[HIGH 7.5] X.509 Email Address Variable Length Buffer Overflow
from 0, < 3.0.7-1
[HIGH 7.5] Using a Custom Cipher with `NID_undef` may lead to NULL encryption
from 0, < 3.0.7-1
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb11u4
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb10u4
[HIGH 7.5] openssl - security update
from 0, < 1.1.1n-0+deb11u4
[HIGH 7.5] Infinite loop in BN_mod_sqrt() reachable when parsing certificates
from 0, < 1.1.1k-1+deb11u2
[HIGH 7.5] Integer overflow in CipherUpdate
from 0, < 1.1.1j-1
[HIGH 7.5] Integer overflow in CipherUpdate
from 0, < 1.1.0l-1~deb9u3
[HIGH 7.5] openssl - security update
from 0, < 1.1.1g-1
[HIGH 7.5] openssl - security update
from 0, < 1.1.1d-0+deb10u3
[HIGH 7.5] openssl1.0 - security update
from 0, < 1.0.1t-1+deb8u9
[HIGH 7.5] openssl1.0 - security update
from 0, < 1.1.1-1
[HIGH 7.5] openssl1.0 - security update
from 0, < 1.1.0j-1~deb9u1
[HIGH 7.5] A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined process…
from 0, < 1.0.2j-1
[HIGH 7.5] During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa)…
from 0, < 1.1.0e-1
[HIGH 7.5] If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that ser…
from 0, < 1.1.0d-1
[HIGH 7.5] In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the c…
from 0, < 1.1.0d-1
[HIGH 7.5] In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger…
from 0, < 1.1.0c-1
[HIGH 7.5] In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference.
from 0, < 1.1.0c-1
[HIGH 7.5] crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application cra…
from 0, < 1.0.2j-1
[HIGH 7.5] Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a…
from 0, < 1.0.2i-1
[HIGH 7.5] The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket len…
from 0, < 1.0.2i-1
[HIGH 7.5] The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a…
from 0, < 1.0.2i-1
[HIGH 7.5] The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-orde…
from 0, < 1.0.2i-1
[HIGH 7.5] The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in Open…
from 0, < 1.0.2i-1
[HIGH 7.5] The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h a…
from 0, < 1.0.2h-1
[HIGH 7.5] Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote a…
from 0, < 1.0.2h-1
[HIGH 7.5] openssl - security update
from 0, < 1.0.2h-1
[HIGH 7.5] openssl - security update
from 0, < 1.0.1k-3+deb8u5
[HIGH 7.5] openssl - security update
from 0, < 1.0.1e-2+deb7u21
[HIGH 7.5] crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it ea…
from 0, < 0.9.6-1
[HIGH 7.5] Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to c…
from 0, < 1.0.2g-1
[HIGH 7.5] Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap…
from 0, < 1.0.2g-1
[HIGH 7.5] openssl - security update
from 0, < 1.0.1e-2+deb7u18
[HIGH 7.5] openssl - security update
from 0, < 1.0.2e-1
[HIGH 7.5] The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by t…
from 0, < 1.0.2e-1
[HIGH 7.5] The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before…
from 0, < 1.0.2b-1
[HIGH 7.5] OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable…
from 0, < 0.9.8g-9
[HIGH 7.5] The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorith…
from 0, < 0.9.8-1
[HIGH 7.5] openssl - several vulnerabilities
from 0, < 0.9.6c-2.woody.6
[HIGH 7.5] openssl - several vulnerabilities
from 0, < 0.9.7d-1
[HIGH 7.4] Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentic…
from 0, < 3.5.6-1~deb13u2
[HIGH 7.4] Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name c…
from 0, < 1.1.1w-0+deb11u5