Vulnerabilities > Matrixssl

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-24609 Integer Overflow or Wraparound vulnerability in multiple products
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server.
network
low complexity
matrixssl rambus CWE-190
7.5
2023-01-18 CVE-2022-46505 Improper Initialization vulnerability in Matrixssl
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.
network
low complexity
matrixssl CWE-665
7.5
2023-01-09 CVE-2022-43974 Integer Overflow or Wraparound vulnerability in Matrixssl
MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13.
network
low complexity
matrixssl CWE-190
critical
9.8
2020-12-30 CVE-2019-16747 Out-of-bounds Write vulnerability in Matrixssl
In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431.
network
low complexity
matrixssl CWE-787
7.5
2019-10-03 CVE-2019-13629 Information Exposure Through Discrepancy vulnerability in Matrixssl
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation.
network
high complexity
matrixssl CWE-203
5.9
2019-07-29 CVE-2019-14431 Improper Handling of Exceptional Conditions vulnerability in Matrixssl
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c.
network
low complexity
matrixssl CWE-755
critical
9.8
2019-07-09 CVE-2019-13470 Out-of-bounds Read vulnerability in Matrixssl
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
network
low complexity
matrixssl CWE-125
critical
9.8
2019-04-08 CVE-2019-10914 Improper Certificate Validation vulnerability in Matrixssl
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
network
low complexity
matrixssl CWE-295
critical
9.8
2018-06-15 CVE-2018-12439 Information Exposure vulnerability in Matrixssl
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP.
local
high complexity
matrixssl CWE-200
4.7
2018-01-22 CVE-2017-1000417 Improper Certificate Validation vulnerability in Matrixssl 3.7.2
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g.
network
low complexity
matrixssl CWE-295
5.3