Xyssl
by Xyssl
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-7129 | 0.00 | — | 0.00 | Aug 31, 2009 | XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification. | ||
| CVE-2008-7128 | 0.00 | — | 0.01 | Aug 31, 2009 | The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors. |
- CVE-2008-7129Aug 31, 2009risk 0.00cvss —epss 0.00
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
- CVE-2008-7128Aug 31, 2009risk 0.00cvss —epss 0.01
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.