DEBIAN-CVE-2017-3735

DEBIAN-CVE-2017-3735 PUBLISHED CVSS 5.300000190734863 MEDIUM

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

Risk Scores

CVSS v3.0

5.300000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:14	openssl	0, 0, 0
Debian:11	openssl	0, 0, 0
Debian:12	openssl	0, 0, 0
Debian:13	openssl	0, 0, 0

Timeline

Aug 28, 2017 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2017-3735 advisory

Open in Interactive Console →