CVE-2011-4576

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2011-4576

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-4576.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2011-4576

Downstream

DEBIAN-CVE-2011-4576

DSA-2390-1

RHSA-2012:0059

RHSA-2012:0060

RHSA-2012:0086

RHSA-2012:0109

SUSE-FU-2022:0445-1

SUSE-SU-2015:1184-1

SUSE-SU-403

SUSE-SU-403 Forbidden-1

openSUSE-SU-2024:10271-1

openSUSE-SU-2024:10423-1

openSUSE-SU-2024:10529-1

openSUSE-SU-2024:11127-1

Related

Withdrawn

2026-01-27T04:11:58.628296Z

Published

2012-01-06T01:55:00Z

Modified

2026-01-27T04:11:58.628296Z

Summary

[none]

Details

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.

References

Affected packages