| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-6308 | 7.1 |
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
| CVE-2016-6307 | 4.3 |
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
| CVE-2016-6306 | 4.3 |
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
| CVE-2016-6304 | 7.8 |
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
| CVE-2016-6305 | 5.0 |
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 |