CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2016-2182

CVSS 9.8v3.0pub. 2016-09-16upd. 2026-05-06

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • HP Icewall Federation Agent

    APP
    Hp
    3.0
  • HP Icewall Mcrp

    APP
    Hp
    3.0
  • HP Icewall Sso

    APP
    Hp
    10.0
  • HP Icewall Sso Agent Option

    APP
    Hp
    10.0
  • OpenSSL

    APP
    Openssl
    1.0.11.0.1a1.0.1b1.0.1c1.0.1d1.0.1e1.0.1f1.0.1g1.0.1h1.0.1i1.0.1j1.0.1k1.0.1l1.0.1m1.0.1n+ 15 więcej
  • Oracle Linux

    OS
    Oracle
    567
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoSMemory
CWE
References

Related vulnerabilities

CVE-2016-3427CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...

CVE-2014-7169CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...

CVE-2014-6271CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...

CVE-2026-34182CRITICAL9.1PL ✓ten sam produkt

OpenSSL CMS AuthEnvelopedData — niewystarczająca walidacja wejścia umożliwia atak oracle i bypass integralnośc...

CVE-2026-31789CRITICAL9.8PL ✓ten sam produkt

OpenSSL: heap buffer overflow przy konwersji OCTET STRING na hex (32-bit)