Vulnerability Database

314,343

Total vulnerabilities in the database

CVE-2016-2105

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

  • Published: May 5, 2016
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-2105
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
redhat / enterprise_linux_desktop 6.0 6.0.x
redhat / enterprise_linux_server 6.0 6.0.x
redhat / enterprise_linux_workstation 6.0 6.0.x
redhat / enterprise_linux_hpc_node 6 6.x
opensuse / leap 42.1 42.1.x
opensuse / opensuse 13.2 13.2.x
oracle / mysql 5.6.0 5.6.30.x
oracle / mysql 5.7.0 5.7.12.x
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux_server_aus 7.2 7.2.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_hpc_node 7.0 7.0.x
redhat / enterprise_linux_server_eus 7.2 7.2.x
redhat / enterprise_linux_hpc_node_eus 7.2 7.2.x
apple / mac_os_x 10.11.5 10.11.5.x
openssl / openssl 1.0.1m 1.0.1m.x
openssl / openssl 1.0.2a 1.0.2a.x
openssl / openssl 1.0.1j 1.0.1j.x
openssl / openssl 1.0.1-beta2 1.0.1-beta2.x
openssl / openssl 1.0.1h 1.0.1h.x
openssl / openssl 1.0.2e 1.0.2e.x
openssl / openssl 1.0.1r 1.0.1r.x
openssl / openssl 1.0.2b 1.0.2b.x
openssl / openssl 1.0.1c 1.0.1c.x
openssl / openssl 1.0.1g 1.0.1g.x
openssl / openssl 1.0.2g 1.0.2g.x
openssl / openssl 1.0.1-beta3 1.0.1-beta3.x
openssl / openssl 1.0.1a 1.0.1a.x
openssl / openssl 1.0.1-beta1 1.0.1-beta1.x
openssl / openssl 1.0.1d 1.0.1d.x
openssl / openssl 1.0.2c 1.0.2c.x
openssl / openssl 1.0.2-beta3 1.0.2-beta3.x
openssl / openssl 1.0.1p 1.0.1p.x
openssl / openssl 1.0.2-beta1 1.0.2-beta1.x
openssl / openssl 1.0.1k 1.0.1k.x
openssl / openssl 1.0.1b 1.0.1b.x
openssl / openssl 1.0.1n 1.0.1n.x
openssl / openssl 1.0.1q 1.0.1q.x
openssl / openssl 1.0.1e 1.0.1e.x
openssl / openssl 1.0.1l 1.0.1l.x
openssl / openssl 1.0.1f 1.0.1f.x
openssl / openssl 1.0.1s 1.0.1s.x
openssl / openssl 1.0.1o 1.0.1o.x
openssl / openssl 1.0.2 1.0.2.x
openssl / openssl 1.0.2f 1.0.2f.x
openssl / openssl 1.0.1i 1.0.1i.x
openssl / openssl 1.0.2-beta2 1.0.2-beta2.x
openssl / openssl 1.0.1 1.0.1.x
openssl / openssl 1.0.2d 1.0.2d.x
debian / debian_linux 8.0 8.0.x
canonical / ubuntu_linux 12.04 12.04.x
canonical / ubuntu_linux 16.04 16.04.x
canonical / ubuntu_linux 15.10 15.10.x
canonical / ubuntu_linux 14.04 14.04.x
nodejs / node.js 4.0.0 4.1.2.x
nodejs / node.js 6.0.0 6.0.0.x
nodejs / node.js 5.0.0 5.11.1
nodejs / node.js 0.12.0 0.12.14
nodejs / node.js 0.10.0 0.10.45
nodejs / node.js 4.2.0 4.4.4