VYPR
Unrated severityNVD Advisory· Published Jun 3, 2010· Updated Jun 16, 2026

CVE-2010-1633

CVE-2010-1633

Description

RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
    • (no CPE)range: <1.0.0a

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.