ReportizFlow
Filtered by vendor Matrixssl
Subscriptions
Filtered by product Matrixssl
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10914 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c. | ||||
| CVE-2018-12439 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | ||||
| CVE-2017-1000417 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates. | ||||
| CVE-2017-1000415 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years. | ||||