Vulnerabilities > Openbsd > Libressl

DATE CVE VULNERABILITY TITLE RISK
2023-06-16 CVE-2023-35784 Use After Free vulnerability in Openbsd Libressl and Openbsd
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3.
network
low complexity
openbsd CWE-416
critical
9.8
2023-04-15 CVE-2021-46880 Improper Certificate Validation vulnerability in Openbsd
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
network
low complexity
openbsd CWE-295
critical
9.8
2023-04-12 CVE-2022-48437 Improper Certificate Validation vulnerability in Openbsd
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001.
network
low complexity
openbsd CWE-295
5.3
2021-09-24 CVE-2021-41581 Out-of-bounds Read vulnerability in Openbsd Libressl
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read.
network
openbsd CWE-125
4.3
2021-07-01 CVE-2019-25048 Out-of-bounds Read vulnerability in Openbsd Libressl
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
network
openbsd CWE-125
5.8
2021-07-01 CVE-2019-25049 Out-of-bounds Read vulnerability in Openbsd Libressl
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
network
openbsd CWE-125
5.8
2020-01-23 CVE-2015-5333 Resource Exhaustion vulnerability in multiple products
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
network
low complexity
openbsd opensuse CWE-400
5.0
2020-01-23 CVE-2015-5334 Out-of-bounds Write vulnerability in multiple products
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow.
network
low complexity
openbsd opensuse CWE-787
7.5
2018-06-15 CVE-2018-12434 Information Exposure vulnerability in Openbsd Libressl
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP.
1.9
2018-03-24 CVE-2018-8970 Improper Certificate Validation vulnerability in Openbsd Libressl 2.7.0
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
openbsd CWE-295
5.8