CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16065
https://notcve.org/view.php?id=CVE-2017-16065
07 Jun 2018 — openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. "openssl.js" era un módulo malicioso publicado para secuestrar variables de entorno. Ha sido retirado por npm. • https://nodesecurity.io/advisories/504 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-506: Embedded Malicious Code •
CVSS: 5.9EPSS: 37%CPEs: 5EXPL: 0CVE-2018-0737 – Cache timing vulnerability in RSA Key Generation
https://notcve.org/view.php?id=CVE-2018-0737
16 Apr 2018 — The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). Se ha demostrado que el algoritmo de generación de claves RSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral de caché. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •
CVSS: 5.9EPSS: 2%CPEs: 1EXPL: 0CVE-2018-0733 – Incorrect CRYPTO_memcmp on HP-UX PA-RISC
https://notcve.org/view.php?id=CVE-2018-0733
27 Mar 2018 — Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Debido a un error de implementación, l... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 6.5EPSS: 15%CPEs: 8EXPL: 0CVE-2018-0739 – Constructed ASN.1 types with a recursive definition could exceed the stack
https://notcve.org/view.php?id=CVE-2018-0739
27 Mar 2018 — Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 5.9EPSS: 42%CPEs: 13EXPL: 0CVE-2017-3737 – openssl: Read/write after SSL object in error state
https://notcve.org/view.php?id=CVE-2017-3737
07 Dec 2017 — OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake f... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-125: Out-of-bounds Read CWE-391: Unchecked Error Condition CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 14%CPEs: 34EXPL: 0CVE-2017-3738 – openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
https://notcve.org/view.php?id=CVE-2017-3738
07 Dec 2017 — There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be sign... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 6%CPEs: 2EXPL: 0CVE-2017-3736 – openssl: bn_sqrx8x_internal carry bug on x86_64
https://notcve.org/view.php?id=CVE-2017-3736
02 Nov 2017 — There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required fo... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-682: Incorrect Calculation •
CVSS: 5.3EPSS: 36%CPEs: 102EXPL: 0CVE-2017-3735 – openssl: Malformed X.509 IPAdressFamily could cause OOB read
https://notcve.org/view.php?id=CVE-2017-3735
28 Aug 2017 — While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. Al analizar una extensión IPAddressFamily en un certificado X.509, es posible realizar una sobrelectura de un bit. Esto tendría como resultado que el texto del certificado se muestre de forma incorrecta. • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 5%CPEs: 7EXPL: 0CVE-2017-3733 – Encrypt-Then-Mac renegotiation crash
https://notcve.org/view.php?id=CVE-2017-3733
16 Feb 2017 — During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected. Durante un protocolo de enlace de renegociación, si la extensión Encrypt-Then-Mac es negociada cuando no estaba en el protocolo de enlace original (o viceversa), se podría provocar el cierre inesperado de OpenSSL (dependiente de una suite de cifrad... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-7056 – openssl: ECDSA P-256 timing attack key recovery
https://notcve.org/view.php?id=CVE-2016-7056
30 Jan 2017 — A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. Se ha encontrado un error de ataque de sincronización en OpenSSL, en versiones 1.0.1u y anteriores, que podría permitir que un usuario malicioso con acceso local recupere claves privadas ECDSA P-256 A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. Red Hat JBoss Core Services is a ... • http://rhn.redhat.com/errata/RHSA-2017-1415.html • CWE-320: Key Management Errors CWE-385: Covert Timing Channel •