Known Vulnerabilities for products from Matrixssl
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Matrixssl".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-24609 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-22 | 2024-01-03 |
| CVE-2022-46505 json | An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse ... | 7.5 - HIGH | 2023-01-18 | 2023-08-08 |
| CVE-2022-43974 json | MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a craf... | 9.8 - CRITICAL | 2023-01-09 | 2023-01-13 |
| CVE-2019-16747 json | In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a dae... | 7.5 - HIGH | 2020-12-30 | 2021-01-04 |
| CVE-2019-14431 json | In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buff... | 9.8 - CRITICAL | 2019-07-29 | 2023-03-03 |
| CVE-2019-13629 json | MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote att... | 5.9 - MEDIUM | 2019-10-03 | 2021-07-21 |
| CVE-2019-13470 json | MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. | 9.8 - CRITICAL | 2019-07-09 | 2019-07-16 |
| CVE-2019-10914 json | pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflo... | 9.8 - CRITICAL | 2019-04-08 | 2020-08-24 |
| CVE-2018-12439 json | MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Numb... | 4.7 - MEDIUM | 2018-06-15 | 2018-08-06 |
| CVE-2017-1000417 json | MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyU... | 5.3 - MEDIUM | 2018-01-22 | 2018-02-13 |
| CVE-2017-1000415 json | MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting ... | 5.9 - MEDIUM | 2018-01-09 | 2018-01-26 |
| CVE-2017-2782 json | An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A sp... | Not Provided | 2017-06-22 | 2025-04-20 |
| CVE-2017-2781 json | An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure Matrix... | Not Provided | 2017-06-22 | 2025-04-20 |
| CVE-2017-2780 json | An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure Matrix... | Not Provided | 2017-06-22 | 2025-04-20 |
| CVE-2016-8671 json | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow ... | Not Provided | 2017-01-13 | 2025-04-20 |
| CVE-2016-6892 json | The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unall... | Not Provided | 2017-01-05 | 2026-05-06 |
| CVE-2016-6891 json | MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Fiel... | Not Provided | 2017-01-05 | 2026-05-06 |
| CVE-2016-6890 json | Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject ... | Not Provided | 2017-01-05 | 2026-05-06 |
| CVE-2016-6887 json | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow ... | Not Provided | 2017-01-13 | 2025-04-20 |
| CVE-2016-6886 json | The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read... | Not Provided | 2017-01-13 | 2025-04-20 |
Known software with vulnerabilities from Matrixssl
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Matrixssl | Matrixssl | 3.8.2 |