Matrixssl

matrixssl

Vendor: Matrixssl • 24 CVEs

CVEs (24)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-24609 2Matrixssl Rambus 2Matrixssl Tls Toolkit Nov 21, 2024 Dec 22, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at...Show more Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.Show less
CVE-2022-46505 1Matrixssl 1Matrixssl Apr 4, 2025 Jan 18, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.
CVE-2022-43974 1Matrixssl 1Matrixssl Mar 6, 2025 Jan 9, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in...Show more MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0.Show less
CVE-2019-16747 1Matrixssl 1Matrixssl Nov 21, 2024 Dec 30, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-1443...Show more In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431.Show less
CVE-2019-13629 1Matrixssl 1Matrixssl Nov 21, 2024 Oct 3, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute...Show more MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/ecc_math.c scalar multiplication leaks the bit length of the scalar.Show less
CVE-2019-14431 1Matrixssl 1Matrixssl Nov 21, 2024 Jul 29, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDe...Show more In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message.Show less
CVE-2019-13470 1Matrixssl 1Matrixssl Nov 21, 2024 Jul 9, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
CVE-2019-10914 1Matrixssl 1Matrixssl Nov 21, 2024 Apr 8, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in...Show more pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.Show less
CVE-2018-12439 1Matrixssl 1Matrixssl Nov 21, 2024 Jun 15, 2018 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local ma...Show more MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.Show less
CVE-2017-1000417 1Matrixssl 1Matrixssl Nov 21, 2024 Jan 22, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.
CVE-2017-1000415 1Matrixssl 1Matrixssl Nov 21, 2024 Jan 9, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years.
CVE-2017-2782 1Matrixssl 1Matrixssl May 13, 2026 Jun 22, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlle...Show more An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connectionShow less
CVE-2017-2781 1Matrixssl 1Matrixssl May 13, 2026 Jun 22, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap result...Show more An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.Show less
CVE-2017-2780 1Matrixssl 1Matrixssl May 13, 2026 Jun 22, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap result...Show more An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.Show less
CVE-2016-6884 1Matrixssl 1Matrixssl May 13, 2026 Mar 3, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message.
CVE-2016-6883 1Matrixssl 1Matrixssl May 13, 2026 Mar 3, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack.
CVE-2016-6882 1Matrixssl 1Matrixssl May 13, 2026 Mar 3, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack.
CVE-2016-8671 1Matrixssl 1Matrixssl May 13, 2026 Jan 13, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via unspecified vectors. NOTE: this vulnerability ex...Show more The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6887.Show less
CVE-2016-6887 1Matrixssl 1Matrixssl May 13, 2026 Jan 13, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack.
CVE-2016-6886 1Matrixssl 1Matrixssl May 13, 2026 Jan 13, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exc...Show more The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange.Show less

12 Next