Known Vulnerabilities for products from Matrixssl
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Matrixssl".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-24609 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-22 | 2024-01-03 |
| CVE-2022-46505 | An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse ... | 7.5 - HIGH | 2023-01-18 | 2023-08-08 |
| CVE-2022-43974 | MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a craf... | 9.8 - CRITICAL | 2023-01-09 | 2023-01-13 |
| CVE-2019-16747 | In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a dae... | 7.5 - HIGH | 2020-12-30 | 2021-01-04 |
| CVE-2019-14431 | In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buff... | 9.8 - CRITICAL | 2019-07-29 | 2023-03-03 |
| CVE-2019-13629 | MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote att... | 5.9 - MEDIUM | 2019-10-03 | 2021-07-21 |
| CVE-2019-13470 | MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. | 9.8 - CRITICAL | 2019-07-09 | 2019-07-16 |
| CVE-2019-10914 | pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflo... | 9.8 - CRITICAL | 2019-04-08 | 2020-08-24 |
| CVE-2018-12439 | MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Numb... | 4.7 - MEDIUM | 2018-06-15 | 2018-08-06 |
| CVE-2017-1000417 | MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyU... | 5.3 - MEDIUM | 2018-01-22 | 2018-02-13 |
| CVE-2017-1000415 | MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting ... | 5.9 - MEDIUM | 2018-01-09 | 2018-01-26 |
| CVE-2017-2782 | An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A sp... | 9.1 - CRITICAL | 2017-06-22 | 2022-04-19 |
| CVE-2017-2781 | An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure Matrix... | 9.8 - CRITICAL | 2017-06-22 | 2023-01-30 |
| CVE-2017-2780 | An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure Matrix... | 9.8 - CRITICAL | 2017-06-22 | 2023-01-28 |
| CVE-2016-8671 | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow ... | 5.9 - MEDIUM | 2017-01-13 | 2023-11-07 |
| CVE-2016-6892 | The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unall... | 7.5 - HIGH | 2017-01-05 | 2017-01-06 |
| CVE-2016-6891 | MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Fiel... | 7.5 - HIGH | 2017-01-05 | 2017-01-06 |
| CVE-2016-6890 | Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject ... | 9.8 - CRITICAL | 2017-01-05 | 2017-01-06 |
| CVE-2016-6887 | The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow ... | 5.9 - MEDIUM | 2017-01-13 | 2017-01-19 |
| CVE-2016-6886 | The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read... | 7.5 - HIGH | 2017-01-13 | 2017-01-18 |
Known software with vulnerabilities from Matrixssl
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Matrixssl | Matrixssl | 3.8.2 |