Vulnerabilities > Openbsd > Libressl > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-01 | CVE-2019-25048 | Out-of-bounds Read vulnerability in Openbsd Libressl LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print). | 7.1 |
| 2021-07-01 | CVE-2019-25049 | Out-of-bounds Read vulnerability in Openbsd Libressl LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx). | 7.1 |
| 2020-01-23 | CVE-2015-5333 | Resource Exhaustion vulnerability in multiple products Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates. | 7.5 |
| 2018-03-24 | CVE-2018-8970 | Improper Certificate Validation vulnerability in Openbsd Libressl 2.7.0 The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |