ubuntu · CVE-2017-3735

Quick triage

Priority: low Published: 2017-08-28 00:00:00 UTC Updated: 2025-08-25 22:32:24 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-3735 low priority: Ubuntu including 3 source packages (openssl, openssl098, openssl1.0), 23 status rows across 8 suites (artful, bionic, cosmic, disco, trusty, upstream, xenial, zesty): DNE 11, released 8, needs-triage 2, not-affected 2.

Description:

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

cvelogic Threat Intelligence