|Max CVSS||7.1||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
|09-10-2019 - 23:10||15-10-2014 - 00:55|
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an
|15-11-2017 - 02:29||19-10-2014 - 01:55|
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
|03-01-2017 - 02:59||19-10-2014 - 01:55|