VDB
RHSA-2018%3A2187
RHSA-2018%3A2187
PUBLISHED
CVSS 6.199999809265137 MEDIUM
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code.
Risk Scores
CVSS 3.0
6.199999809265137
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Text-Only JBCS |
Timeline
- Jul 12, 2018 CVE Published
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2018:2187 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/ advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1367340 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1369855 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1377594 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1393929 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1416852 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1416856 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1509169 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1523504 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1523510 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2187.json advisory
- https://access.redhat.com/security/cve/CVE-2016-2182 advisory
- https://www.cve.org/CVERecord?id=CVE-2016-2182 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2016-2182 advisory
- https://www.openssl.org/news/secadv/20160922.txt advisory
- https://access.redhat.com/security/cve/CVE-2016-6302 advisory
- https://www.cve.org/CVERecord?id=CVE-2016-6302 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2016-6302 advisory
…and 25 more