Aggregates CVE and security vulnerability intelligence across all matrixssl-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk buffer overflow, vendor risk memory corruption, and vendor risk path handling; exposure may include vendor impact memory corruption in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-6885 | The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation. | [email protected] | 7.5 | 1.33% | 2017-01-13 | 2026-06-16 |
| CVE-2016-6892 | The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate. | [email protected] | 7.5 | 1.86% | 2017-01-05 | 2026-06-16 |
| CVE-2016-6891 | MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate. | [email protected] | 7.5 | 1.86% | 2017-01-05 | 2026-06-16 |
| CVE-2016-6890 | Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate. | [email protected] | 9.8 | 6.38% | 2017-01-05 | 2026-06-16 |