- openssl-1.0.2k-12.amzn2.0.2 ()
- 1.0.2k-24.amzn2.0.13
- 2024-08-22 11:00:13
- CVE CVE-2019-1563, CVSSv2 Score: 3.7
- Description:
information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2019-1563.patch
- CVE CVE-2019-1547, CVSSv2 Score: 5.5
- Description:
side-channel weak encryption vulnerability
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2019-1547.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/amazon2/0001-RSA-key-generation-consttime_102.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/amazon2/openssl-used-ERR-set-pop-mark.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/amazon2/openssl-consttime-flag-changed.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/amazon2/openssl-Replaced-variable-time-GCD-with-consttime-inversion.patch
- CVE CVE-2017-3735, CVSSv2 Score: 5.3
- Description:
Malformed X.509 IPAddressFamily could cause OOB read
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2017-3735.patch
- CVE CVE-2018-0732, CVSSv2 Score: 4.3
- Description:
Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-0732.patch
- CVE CVE-2018-0737, CVSSv2 Score: 3.3
- Description:
RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-0737.patch
- CVE CVE-2018-0739, CVSSv2 Score: 6.5
- Description:
Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-0739.patch
- CVE CVE-2018-0495, CVSSv2 Score: 5.1
- Description:
Key Extraction Side Channel in Multiple Crypto Libraries
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-0495.patch
- CVE CVE-2018-0734, CVSSv2 Score: 5.1
- Description:
timing side channel attack in the DSA signature algorithm
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-0734.patch
- CVE CVE-2018-5407, CVSSv2 Score: 4.8
- Description:
Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2018-5407.patch
- CVE CVE-2019-1559, CVSSv2 Score: 5.9
- Description:
0-byte record padding oracle
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2019-1559.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/openssl-1.0.2k-fix-one-and-done.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/openssl-1.0.2k-fix-9-lives.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/adapt-openssl-1.0.2k-fix-9-lives.patch
- CVE CVE-2021-23839, CVSSv2 Score: 3.7
- Description:
check is made for a version rollback attack when unpadding an RSA signature
- Patch: openssl/1.0.2k/CVE-2021-23839.patch
- CVE CVE-2021-23840, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2021-23840.patch
- CVE CVE-2021-23840, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2021-23840-adapt.patch
- CVE CVE-2021-23841, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2021-23841.patch
- CVE CVE-2019-1551, CVSSv2 Score: 4.8
- Description:
Integer overflow in RSAZ modular exponentiation on x86_64
- Patch: openssl/1.0.2k/CVE-2019-1551.patch
- CVE CVE-2021-3712, CVSSv2 Score: N/A
- Description:
Fix asn1 string length
- Patch: openssl/1.0.2k/CVE-2021-3712.patch
- CVE CVE-2020-1971, CVSSv2 Score: 5.9
- Description:
A null pointer dereference flaw was found in openssl. A remote attacker able to control the arguments of the GENERAL_NAME_cmp function could cause an application compiled with openssl to crash, resulting in a denial of service.
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2020-1971.patch
- CVE CVE-2020-1971, CVSSv2 Score: 5.9
- Description:
EDIPARTYNAME NULL pointer de-reference
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2020-1971-adapt.patch
- CVE CVE-2022-0778, CVSSv2 Score: 7.5
- Description:
Infinite loop in BN_mod_sqrt() reachable when parsing certificates
- Patch: openssl/1.0.2k/openssl-1.0.2k-cve-2022-0778.patch
- CVE CVE-2022-4304, CVSSv2 Score: 5.9
- Description:
Timing attack in RSA Decryption implementation
- Patch: openssl/1.0.2k/CVE-2022-4304.patch
- CVE CVE-2022-4304, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/CVE-2022-4304-adapt.patch
- CVE CVE-2023-0215, CVSSv2 Score: 5.9
- Description:
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function.
- Patch: openssl/1.0.2k/CVE-2023-0215.patch
- CVE CVE-2023-0286, CVSSv2 Score: 7.4
- Description:
Type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName.
- Patch: openssl/1.0.2k/CVE-2023-0286.patch
- CVE CVE-2023-0464, CVSSv2 Score: 5.9
- Description:
Denial of service by excessive resource usage in verifying X509 policy constraints
- Patch: openssl/1.0.2k/CVE-2023-0464.patch
- CVE CVE-2023-0464, CVSSv2 Score: 5.9
- Description:
Denial of service by excessive resource usage in verifying X509 policy constraints
- Patch: openssl/1.0.2k/CVE-2023-0464-adapt.patch
- CVE CVE-2023-0465, CVSSv2 Score: 5.3
- Description:
Invalid certificate policies in leaf certificates are silently ignored
- Patch: openssl/1.0.2k/CVE-2023-0465.patch
- CVE CVE-2023-0466, CVSSv2 Score: 5.3
- Description:
Fix documentation of X509_VERIFY_PARAM_add0_policy().
- Patch: openssl/1.0.2k/CVE-2023-0466.patch
- CVE CVE-2023-2650, CVSSv2 Score: 5.9
- Description:
A possible denial of service while translating ASN.1 object identifiers
- Patch: openssl/1.0.2k/CVE-2023-2650.patch
- CVE CVE-2023-3446, CVSSv2 Score: 5.3
- Description:
Fix DH_check() excessive time with over sized modulus
- Patch: openssl/1.0.2k/CVE-2023-3446.patch
- CVE CVE-2023-3817, CVSSv2 Score: 5.3
- Description:
Skip checking q properties in DH_check() if it is obviously invalid
- Patch: openssl/1.0.2k/CVE-2023-3817.patch
- CVE CVE-2023-5678, CVSSv2 Score: 5.3
- Description:
A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service.
- Patch: openssl/1.0.2k/CVE-2023-5678.patch
- CVE CVE-2023-5678, CVSSv2 Score: 5.3
- Description:
A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service.
- Patch: openssl/1.0.2k/CVE-2023-5678-adapt.patch
- CVE CVE-2023-3446, CVSSv2 Score: 5.3
- Description:
Fix DH_check() excessive time with over sized modulus
- Patch: openssl/1.0.2k/CVE-2023-3446-adapt.patch
- CVE CVE-2024-0727, CVSSv2 Score: 5.5
- Description:
The optional ContentInfo fields can be set to null, even if the "type" is a valid value, which can lead to a null dereference error that may cause a denial of service
- Patch: openssl/1.0.2k/CVE-2024-0727-preadapt.patch
- CVE CVE-2024-0727, CVSSv2 Score: 5.5
- Description:
The optional ContentInfo fields can be set to null, even if the "type" is a valid value, which can lead to a null dereference error that may cause a denial of service
- Patch: openssl/1.0.2k/CVE-2024-0727.patch
- CVE CVE-2024-0727, CVSSv2 Score: 5.5
- Description:
The optional ContentInfo fields can be set to null, even if the "type" is a valid value, which can lead to a null dereference error that may cause a denial of service
- Patch: openssl/1.0.2k/CVE-2024-0727-adapt.patch
- CVE CVE-2024-5535, CVSSv2 Score: 5.9
- Description:
SSL_select_next_proto buffer overread
- Patch: openssl/1.0.2k/openssl-1.0.2zk-CVE-2024-5535.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/rsaz-avx2.pl.prebuild.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/rsaz-x86_64.pl.prebuild.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/x86_64-xlate.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/x86_64-mont.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/x86_64-mont5.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/rsaz-avx2.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/rsaz-x86_64.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/x86_64cpuid.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/ecp_nistz256-x86_64.pl.dwarf.patch
- CVE N/A, CVSSv2 Score:
- Description:
- Patch: openssl/1.0.2k/sha1-x86_64.pl.dwarf.patch