CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0464

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.1%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2023-0464

Openssl » Openssl » Version: 1.0.2

cpe:2.3:a:openssl:openssl:1.0.2
Openssl » Openssl » Version: 1.0.2a

cpe:2.3:a:openssl:openssl:1.0.2a
Openssl » Openssl » Version: 1.0.2b

cpe:2.3:a:openssl:openssl:1.0.2b
Openssl » Openssl » Version: 1.0.2c

cpe:2.3:a:openssl:openssl:1.0.2c
Openssl » Openssl » Version: 1.0.2d

cpe:2.3:a:openssl:openssl:1.0.2d
Openssl » Openssl » Version: 1.0.2e

cpe:2.3:a:openssl:openssl:1.0.2e
Openssl » Openssl » Version: 1.0.2f

cpe:2.3:a:openssl:openssl:1.0.2f
Openssl » Openssl » Version: 1.0.2g

cpe:2.3:a:openssl:openssl:1.0.2g
Openssl » Openssl » Version: 1.0.2h

cpe:2.3:a:openssl:openssl:1.0.2h
Openssl » Openssl » Version: 1.0.2i

cpe:2.3:a:openssl:openssl:1.0.2i
Openssl » Openssl » Version: 1.0.2j

cpe:2.3:a:openssl:openssl:1.0.2j
Openssl » Openssl » Version: 1.0.2k

cpe:2.3:a:openssl:openssl:1.0.2k
Openssl » Openssl » Version: 1.0.2l

cpe:2.3:a:openssl:openssl:1.0.2l
Openssl » Openssl » Version: 1.0.2m

cpe:2.3:a:openssl:openssl:1.0.2m
Openssl » Openssl » Version: 1.0.2n

cpe:2.3:a:openssl:openssl:1.0.2n
Openssl » Openssl » Version: 1.0.2o

cpe:2.3:a:openssl:openssl:1.0.2o
Openssl » Openssl » Version: 1.0.2p

cpe:2.3:a:openssl:openssl:1.0.2p
Openssl » Openssl » Version: 1.0.2q

cpe:2.3:a:openssl:openssl:1.0.2q
Openssl » Openssl » Version: 1.0.2r

cpe:2.3:a:openssl:openssl:1.0.2r
Openssl » Openssl » Version: 1.0.2s

cpe:2.3:a:openssl:openssl:1.0.2s
Openssl » Openssl » Version: 1.0.2t

cpe:2.3:a:openssl:openssl:1.0.2t
Openssl » Openssl » Version: 1.0.2u

cpe:2.3:a:openssl:openssl:1.0.2u
Openssl » Openssl » Version: 1.0.2v

cpe:2.3:a:openssl:openssl:1.0.2v
Openssl » Openssl » Version: 1.0.2w

cpe:2.3:a:openssl:openssl:1.0.2w
Openssl » Openssl » Version: 1.0.2x

cpe:2.3:a:openssl:openssl:1.0.2x
Openssl » Openssl » Version: 1.0.2y

cpe:2.3:a:openssl:openssl:1.0.2y
Openssl » Openssl » Version: 1.0.2za

cpe:2.3:a:openssl:openssl:1.0.2za
Openssl » Openssl » Version: 1.0.2zb

cpe:2.3:a:openssl:openssl:1.0.2zb
Openssl » Openssl » Version: 1.0.2zc

cpe:2.3:a:openssl:openssl:1.0.2zc
Openssl » Openssl » Version: 1.0.2zd

cpe:2.3:a:openssl:openssl:1.0.2zd
Openssl » Openssl » Version: 1.0.2ze

cpe:2.3:a:openssl:openssl:1.0.2ze
Openssl » Openssl » Version: 1.0.2zf

cpe:2.3:a:openssl:openssl:1.0.2zf
Openssl » Openssl » Version: 1.0.2zg

cpe:2.3:a:openssl:openssl:1.0.2zg
Openssl » Openssl » Version: 1.1.1

cpe:2.3:a:openssl:openssl:1.1.1
Openssl » Openssl » Version: 1.1.1a

cpe:2.3:a:openssl:openssl:1.1.1a
Openssl » Openssl » Version: 1.1.1b

cpe:2.3:a:openssl:openssl:1.1.1b
Openssl » Openssl » Version: 1.1.1c

cpe:2.3:a:openssl:openssl:1.1.1c
Openssl » Openssl » Version: 1.1.1d

cpe:2.3:a:openssl:openssl:1.1.1d
Openssl » Openssl » Version: 1.1.1e

cpe:2.3:a:openssl:openssl:1.1.1e
Openssl » Openssl » Version: 1.1.1f

cpe:2.3:a:openssl:openssl:1.1.1f
Openssl » Openssl » Version: 1.1.1g

cpe:2.3:a:openssl:openssl:1.1.1g
Openssl » Openssl » Version: 1.1.1h

cpe:2.3:a:openssl:openssl:1.1.1h
Openssl » Openssl » Version: 1.1.1i

cpe:2.3:a:openssl:openssl:1.1.1i
Openssl » Openssl » Version: 1.1.1j

cpe:2.3:a:openssl:openssl:1.1.1j
Openssl » Openssl » Version: 1.1.1k

cpe:2.3:a:openssl:openssl:1.1.1k
Openssl » Openssl » Version: 1.1.1l

cpe:2.3:a:openssl:openssl:1.1.1l
Openssl » Openssl » Version: 1.1.1m

cpe:2.3:a:openssl:openssl:1.1.1m
Openssl » Openssl » Version: 1.1.1n

cpe:2.3:a:openssl:openssl:1.1.1n
Openssl » Openssl » Version: 1.1.1o

cpe:2.3:a:openssl:openssl:1.1.1o
Openssl » Openssl » Version: 1.1.1p

cpe:2.3:a:openssl:openssl:1.1.1p
Openssl » Openssl » Version: 1.1.1q

cpe:2.3:a:openssl:openssl:1.1.1q
Openssl » Openssl » Version: 1.1.1r

cpe:2.3:a:openssl:openssl:1.1.1r
Openssl » Openssl » Version: 1.1.1s

cpe:2.3:a:openssl:openssl:1.1.1s
Openssl » Openssl » Version: 1.1.1t

cpe:2.3:a:openssl:openssl:1.1.1t
Openssl » Openssl » Version: 3.0.0

cpe:2.3:a:openssl:openssl:3.0.0
Openssl » Openssl » Version: 3.0.1

cpe:2.3:a:openssl:openssl:3.0.1
Openssl » Openssl » Version: 3.0.2

cpe:2.3:a:openssl:openssl:3.0.2
Openssl » Openssl » Version: 3.0.3

cpe:2.3:a:openssl:openssl:3.0.3
Openssl » Openssl » Version: 3.0.4

cpe:2.3:a:openssl:openssl:3.0.4
Openssl » Openssl » Version: 3.0.5

cpe:2.3:a:openssl:openssl:3.0.5
Openssl » Openssl » Version: 3.0.6

cpe:2.3:a:openssl:openssl:3.0.6
Openssl » Openssl » Version: 3.0.7

cpe:2.3:a:openssl:openssl:3.0.7
Openssl » Openssl » Version: 3.0.8

cpe:2.3:a:openssl:openssl:3.0.8
Openssl » Openssl » Version: 3.1.0

cpe:2.3:a:openssl:openssl:3.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0464

Products

Pricing

Contact Us