Vulnerabilities > Openssl > Openssl > 1.1.0e
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-27 | CVE-2018-0739 | Uncontrolled Recursion vulnerability in multiple products Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. | 6.5 |
| 2018-03-27 | CVE-2018-0733 | Unspecified vulnerability in Openssl Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. | 5.9 |
| 2017-12-07 | CVE-2017-3738 | Information Exposure vulnerability in multiple products There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. | 4.3 |
| 2017-11-02 | CVE-2017-3736 | Information Exposure vulnerability in Openssl There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. | 4.0 |
| 2017-08-28 | CVE-2017-3735 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. | 5.3 |