Unrated severityNVD Advisory· Published Aug 31, 2009· Updated Jun 16, 2026
CVE-2008-7128
CVE-2008-7128
Description
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:xyssl:xyssl:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:xyssl:xyssl:*:*:*:*:*:*:*:*range: <=0.8
- cpe:2.3:a:xyssl:xyssl:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:xyssl:xyssl:0.7:*:*:*:*:*:*:*
- (no CPE)range: <0.9
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.