Known Vulnerabilities for products from Axtls Project

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Axtls Project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2019-10013 The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote a... 7.5 - HIGH 2019-12-03 2019-12-31
CVE-2019-9689 process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificat... 7.5 - HIGH 2019-12-03 2019-12-20
CVE-2019-8981 tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the ne... 9.8 - CRITICAL 2019-03-26 2021-07-21
CVE-2018-16253 In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify ... 5.9 - MEDIUM 2018-11-07 2018-12-13
CVE-2018-16150 In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess da... 5.9 - MEDIUM 2018-11-07 2018-12-13
CVE-2018-16149 In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declar... 5.9 - MEDIUM 2018-11-07 2019-01-31
CVE-2017-1000416 axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 20... 5.3 - MEDIUM 2018-01-22 2019-10-03

Known software with vulnerabilities from Axtls Project

Type Vendor Product Version
ApplicationAxtls ProjectAxtls1.4.2