The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

References

android.googlesource.com/platform/external/boringssl/+/54bf62a81586d99d0a951ca3342d569b59e69b80

nvd.nist.gov/vuln/data-feeds

source.android.com/security/bulletin/2017-03-01.html

veracode 2

debiancve 1

cve 1

f5 3

debian 4

alpinelinux 1

cvelist 1

nessus 45

ubuntucve 1

hackerone 1

nvd 1

redhatcve 1

openssl 1

osv 4

prion 1

openvas 34

ibm 56

oraclelinux 2

amazon 1

redhat 4

fedora 3

altlinux 5

cloudfoundry 1

suse 9

centos 1

freebsd_advisory 1

ubuntu 2

archlinux 2

mageia 1

aix 1

freebsd 1

arista 1

slackware 1

fortinet 1

symantec 1

cisco 1

huawei 1

nodejsblog 1

veracode

Denial Of Service (DoS)

2017-01-26 05:46:26

Denial Of Service (DoS)

2019-01-15 09:24:47

debiancve

CVE-2016-2182

2016-09-16 05:59:02

cve

CVE-2016-2182

2016-09-16 05:59:02

K01276005 : OpenSSL vulnerability CVE-2016-2182

2016-11-04 00:00:00

SOL01276005 - OpenSSL vulnerability CVE-2016-2182

2016-11-04 00:00:00

SOL22071504 - September 2016 OpenSSL security vulnerability announcement

2016-09-22 00:00:00

debian

[SECURITY] [DSA 3673-2] openssl regression update

2016-09-23 20:17:53

[SECURITY] [DSA 3673-2] openssl regression update

2016-09-23 20:17:53

[SECURITY] [DLA 637-1] openssl security update

2016-09-25 11:55:01

alpinelinux

CVE-2016-2182

2016-09-16 05:59:02

cvelist

CVE-2016-2182

2016-09-16 00:00:00

nessus

F5 Networks BIG-IP : OpenSSL vulnerability (K01276005)

2017-03-16 00:00:00

EulerOS 2.0 SP1 : openssl098e (EulerOS-SA-2017-1040)

2017-05-01 00:00:00

EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2017-1039)

2017-05-01 00:00:00

ubuntucve

CVE-2016-2182

2016-09-16 00:00:00

hackerone

Internet Bug Bounty: OOB write in BN_bn2dec() (CVE-2016-2182)

2017-04-18 07:36:37

nvd

CVE-2016-2182

2016-09-16 05:59:02

redhatcve

CVE-2016-2182

2016-08-18 21:03:46

openssl

Vulnerability in OpenSSL CVE-2016-2182

2016-08-16 00:00:00

osv

CVE-2016-2182

2016-09-16 05:59:00

openssl - regression update

2016-09-22 00:00:00

openssl - security update

2016-09-25 00:00:00

prion

Out-of-bounds

2016-09-16 05:59:00

openvas

F5 BIG-IP - OpenSSL vulnerability CVE-2016-2182

2017-03-17 00:00:00

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2017-1040)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2017-1039)

2020-01-23 00:00:00

ibm

Security Bulletin: Vulnerabilities in OpenSSL affect Power Hardware Management Console (CVE-2016-2180, CVE-2016-2182, CVE-2016-6306)

2021-09-23 01:31:39

Security Bulletin: IBM WebSphere MQ v5.3.1.12 and earlier on NonStop Server affected by multiple OpenSSL vulnerabilities - CVE-2016-6306, CVE-2016-2177, CVE-2016-2182 and CVE-2016-2183

2018-06-15 07:07:05

Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways

2018-06-15 07:06:27

oraclelinux

openssl security update

2016-10-13 00:00:00

openssl security update

2016-09-27 00:00:00

amazon

Medium: openssl

2016-10-12 17:00:00

redhat

(RHSA-2018:2187) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update

2018-07-12 16:04:13

(RHSA-2016:1940) Important: openssl security update

2016-09-27 11:50:45

(RHSA-2018:2186) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update

2018-07-12 16:04:10

fedora

[SECURITY] Fedora 23 Update: openssl-1.0.2j-1.fc23

2016-10-11 23:24:05

[SECURITY] Fedora 24 Update: openssl-1.0.2j-1.fc24

2016-09-28 01:57:16

[SECURITY] Fedora 25 Update: openssl-1.0.2j-1.fc25

2016-10-09 03:28:42

altlinux

Security fix for the ALT Linux 8 package openssl10 version 1.0.2i-alt1

2016-09-22 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2i-alt1

2016-09-22 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1

2016-09-22 00:00:00

cloudfoundry

USN-3087-2 OpenSSL Regression | Cloud Foundry

2016-09-28 00:00:00

suse

Security update for compat-openssl098 (important)

2016-10-06 20:09:29

Security update for openssl (important)

2016-10-05 18:09:41

Security update for compat-openssl098 (important)

2016-10-14 15:09:07

centos

openssl security update

2016-09-28 14:48:04

freebsd_advisory

FreeBSD-SA-16:26.openssl

2016-09-23 00:00:00

ubuntu

OpenSSL vulnerabilities

2016-09-22 00:00:00

OpenSSL regression

2016-09-23 00:00:00

archlinux

[ASA-201609-23] openssl: multiple issues

2016-09-26 00:00:00

[ASA-201609-24] lib32-openssl: multiple issues

2016-09-26 00:00:00

mageia

Updated openssl packages fix security vulnerabilities

2016-10-12 01:12:20

aix

Vulnerabilities in OpenSSL affect AIX

2016-11-14 13:29:26

freebsd

OpenSSL -- multiple vulnerabilities

2016-09-22 00:00:00

arista

Security Advisory 0024

2016-10-04 00:00:00

slackware

[slackware-security] openssl

2016-09-22 18:53:12

fortinet

OpenSSL Security Advisory [22 Sept 2016]

2017-04-03 00:00:00

symantec

SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016

2016-10-06 08:00:00

cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016

2016-09-27 22:40:00

huawei

Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products

2017-03-22 00:00:00

nodejsblog

Security updates for all active release lines, September 2016

2016-09-23 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.52

Percentile

97.6%

JSON

Related for ANDROID:CVE-2016-2182