OpenSSL is an open source general-purpose cryptographic library from the Openssl team capable of implementing the Secure Sockets Layer (SSLv2/v3) and Secure Transport Layer (TLSv1) protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hashing algorithms, secure hashing algorithms, etc. openssl suffers from a buffer overflow vulnerability that stems from the product’s assumption that the ASN.1 string uses NULL as a terminator. An attacker could launch an attack by crafting a non-NULL terminated string that could cause an application memory crash or an application crash.

nessus 68

github 1

openvas 47

ibm 26

photon 2

oraclelinux 5

redhat 2

amazon 3

cbl_mariner 2

suse 8

debian 2

almalinux 1