Vulnetix
Try Vulnetix Request Demo
ALPINE-CVE-2016-6303 PUBLISHED CVSS 9.800000190734863 CRITICAL

Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

Risk Scores

CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.8openssl0.9.8i-r0, 1.0.2h-r2, 1.0.2h-r1
Alpine:v3.5openssl0.9.8i-r0, 1.0.2h-r2, 1.0.2h-r1
Alpine:v3.6openssl1.0.0e-r0, 0, 0.9.8i-r0
Alpine:v3.7openssl0, 1.0.2h-r2, 1.0.2h-r1
Alpine:v3.4openssl0.9.8i-r0, 1.0.1e-r6, 1.0.1e-r7
Alpine:v3.3openssl1.0.1g-r2, 1.0.1g-r3, 1.0.1h-r0
Alpine:v3.2openssl1.0.1l-r0, 0.9.8k-r6, 0.9.8k-r5

Timeline

References

Open in Interactive Console →