Vulnerabilities > Openssl > Openssl > 1.0.2zh

DATE CVE VULNERABILITY TITLE RISK
2024-01-26 CVE-2024-0727 Unspecified vulnerability in Openssl
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source.
local
low complexity
openssl
5.5
5.5
2023-11-06 CVE-2023-5678 Improper Check for Unusual or Exceptional Conditions vulnerability in Openssl
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays.
network
low complexity
openssl CWE-754
5.3
5.3
2023-07-31 CVE-2023-3817 Excessive Iteration vulnerability in Openssl
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays.
network
low complexity
openssl CWE-834
5.3
5.3