{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-3735","assignerOrgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","assignerShortName":"openssl","datePublished":"2017-08-28T19:00:00.000Z","dateUpdated":"2024-09-16T21:08:28.987Z","dateReserved":"2016-12-16T00:00:00.000Z"},"containers":{"cna":{"datePublic":"2017-08-28T00:00:00.000Z","providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2022-12-13T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g."}],"affected":[{"vendor":"OpenSSL Software Foundation","product":"OpenSSL","versions":[{"version":"1.1.0","status":"affected"},{"version":"1.0.2","status":"affected"}]}],"references":[{"name":"1039726","tags":["vdb-entry"],"url":"http://www.securitytracker.com/id/1039726"},{"name":"USN-3611-2","tags":["vendor-advisory"],"url":"https://usn.ubuntu.com/3611-2/"},{"name":"DSA-4018","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2017/dsa-4018"},{"name":"GLSA-201712-03","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/201712-03"},{"name":"[debian-lts-announce] 20171109 [SECURITY] [DLA-1157-1] openssl security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html"},{"name":"RHSA-2018:3505","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"name":"DSA-4017","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2017/dsa-4017"},{"name":"RHSA-2018:3221","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2018:3221"},{"name":"100515","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/100515"},{"name":"FreeBSD-SA-17:11","tags":["vendor-advisory"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"url":"https://security.netapp.com/advisory/ntap-20171107-0002/"},{"url":"https://support.apple.com/HT208331"},{"url":"https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822"},{"url":"https://security.netapp.com/advisory/ntap-20170927-0001/"},{"url":"https://www.tenable.com/security/tns-2017-15"},{"url":"https://www.openssl.org/news/secadv/20171102.txt"},{"url":"https://www.tenable.com/security/tns-2017-14"},{"url":"https://www.openssl.org/news/secadv/20170828.txt"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"out of bounds read"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T14:39:41.087Z"},"title":"CVE Program Container","references":[{"name":"1039726","tags":["vdb-entry","x_transferred"],"url":"http://www.securitytracker.com/id/1039726"},{"name":"USN-3611-2","tags":["vendor-advisory","x_transferred"],"url":"https://usn.ubuntu.com/3611-2/"},{"name":"DSA-4018","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2017/dsa-4018"},{"name":"GLSA-201712-03","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/201712-03"},{"name":"[debian-lts-announce] 20171109 [SECURITY] [DLA-1157-1] openssl security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html"},{"name":"RHSA-2018:3505","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"name":"DSA-4017","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2017/dsa-4017"},{"name":"RHSA-2018:3221","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:3221"},{"name":"100515","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/100515"},{"name":"FreeBSD-SA-17:11","tags":["vendor-advisory","x_transferred"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","tags":["x_transferred"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","tags":["x_transferred"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","tags":["x_transferred"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","tags":["x_transferred"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20171107-0002/","tags":["x_transferred"]},{"url":"https://support.apple.com/HT208331","tags":["x_transferred"]},{"url":"https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20170927-0001/","tags":["x_transferred"]},{"url":"https://www.tenable.com/security/tns-2017-15","tags":["x_transferred"]},{"url":"https://www.openssl.org/news/secadv/20171102.txt","tags":["x_transferred"]},{"url":"https://www.tenable.com/security/tns-2017-14","tags":["x_transferred"]},{"url":"https://www.openssl.org/news/secadv/20170828.txt","tags":["x_transferred"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","tags":["x_transferred"]}]}]}}