{"id":"CVE-2017-3735","details":"While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.","modified":"2026-05-07T04:40:27.745476Z","published":"2017-08-28T19:29:01.353Z","related":["SUSE-FU-2022:0445-1","SUSE-SU-2017:2968-1","SUSE-SU-2017:2981-1","SUSE-SU-2017:3169-1","SUSE-SU-2018:0002-1","SUSE-SU-2018:0112-1","SUSE-SU-2018:0293-1","SUSE-SU-2019:14246-1","openSUSE-SU-2024:11126-1","openSUSE-SU-2024:11127-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0"}],"source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html"},{"type":"WEB","url":"https://support.apple.com/HT208331"},{"type":"WEB","url":"https://usn.ubuntu.com/3611-2/"},{"type":"WEB","url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"type":"WEB","url":"https://www.tenable.com/security/tns-2017-15"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100515"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039726"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3221"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"type":"ADVISORY","url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201712-03"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4017"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4018"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"REPORT","url":"https://security.netapp.com/advisory/ntap-20170927-0001/"},{"type":"REPORT","url":"https://security.netapp.com/advisory/ntap-20171107-0002/"},{"type":"REPORT","url":"https://www.openssl.org/news/secadv/20171102.txt"},{"type":"REPORT","url":"https://www.tenable.com/security/tns-2017-14"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822"},{"type":"FIX","url":"https://www.openssl.org/news/secadv/20170828.txt"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"last_affected":"10626fac1569ea37839c37b105681cd08dbe6658"},{"last_affected":"f9022119ae9267abd57e70a2b53f27925df77c39"},{"last_affected":"8b8a2928afd00447b0f0e5942f93b61eb636e5e8"},{"last_affected":"07ecb6190a68fa9aeefc64ec510b3244ac9f4e7a"},{"last_affected":"e614ec476957b0b09a2b302c3d68003ed8395ed5"},{"last_affected":"d8faad27b70ccab9aad1a4af815f4d07cc5da1b5"},{"last_affected":"65fc4c55bea222e4ba542b383a32bdc7534e058b"},{"last_affected":"56327ebe6a7675001b382ca5e5531c598e1b2261"},{"last_affected":"bc0ecd202ab37f02b9d7dd610cbb0cf98db9fb52"},{"last_affected":"1883c9e66f488b03bacf2fb634ae0cda438352b1"},{"last_affected":"ab585551c0a577d9a91825d446465905a5ea17e3"},{"last_affected":"e2dfb655f798831ffb29242ad804013ddb0c5d5b"},{"last_affected":"08e4c7a967cc9d82264d125440d8b17b912bd250"},{"last_affected":"b8371bb22ec8d3859fba779989398a7a0255d864"},{"last_affected":"1ba59a85c9f3a117f116627c814b1b1427715b94"},{"last_affected":"dfbbcf9c2759d83604b25d5dc92d273948eb698d"},{"last_affected":"41d1e44a209d8d9bbe35b7e8512107294815cb68"},{"last_affected":"76ad5a6b6e65ecda9b9002a0caeb8a776e4fb44c"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"0.9.7j"},{"last_affected":"0.9.7k"},{"last_affected":"0.9.7l"},{"last_affected":"0.9.7m"},{"last_affected":"0.9.8"},{"last_affected":"0.9.8a"},{"last_affected":"0.9.8b"},{"last_affected":"0.9.8c"},{"last_affected":"0.9.8d"},{"last_affected":"0.9.8e"},{"last_affected":"0.9.8f"},{"last_affected":"0.9.8g"},{"last_affected":"0.9.8h"},{"last_affected":"0.9.8i"},{"last_affected":"0.9.8j"},{"last_affected":"0.9.8k"},{"last_affected":"0.9.8l"},{"last_affected":"0.9.8m"},{"last_affected":"0.9.8m-beta1"},{"last_affected":"0.9.8n"},{"last_affected":"0.9.8o"},{"last_affected":"0.9.8p"},{"last_affected":"0.9.8q"},{"last_affected":"0.9.8r"},{"last_affected":"0.9.8s"},{"last_affected":"0.9.8t"},{"last_affected":"0.9.8u"},{"last_affected":"0.9.8v"},{"last_affected":"0.9.8w"},{"last_affected":"0.9.8x"},{"last_affected":"0.9.8y"},{"last_affected":"0.9.8z"},{"last_affected":"0.9.8za"},{"last_affected":"0.9.8zb"},{"last_affected":"0.9.8zc"},{"last_affected":"0.9.8ze"},{"last_affected":"0.9.8zg"},{"last_affected":"1.0.0"},{"last_affected":"1.0.0-beta1"},{"last_affected":"1.0.0-beta2"},{"last_affected":"1.0.0-beta3"},{"last_affected":"1.0.0-beta4"},{"last_affected":"1.0.0-beta5"},{"last_affected":"1.0.0a"},{"last_affected":"1.0.0b"},{"last_affected":"1.0.0c"},{"last_affected":"1.0.0d"},{"last_affected":"1.0.0e"},{"last_affected":"1.0.0f"},{"last_affected":"1.0.0g"},{"last_affected":"1.0.0h"},{"last_affected":"1.0.0i"},{"last_affected":"1.0.0j"},{"last_affected":"1.0.0k"},{"last_affected":"1.0.0l"},{"last_affected":"1.0.0m"},{"last_affected":"1.0.0n"},{"last_affected":"1.0.0o"},{"last_affected":"1.0.0p"},{"last_affected":"1.0.0q"},{"last_affected":"1.0.0r"},{"last_affected":"1.0.0s"},{"last_affected":"1.0.1"},{"last_affected":"1.0.1-beta1"},{"last_affected":"1.0.1-beta2"},{"last_affected":"1.0.1-beta3"},{"last_affected":"1.0.1a"},{"last_affected":"1.0.1b"},{"last_affected":"1.0.1c"},{"last_affected":"1.0.1d"},{"last_affected":"1.0.1e"},{"last_affected":"1.0.1f"},{"last_affected":"1.0.1g"},{"last_affected":"1.0.1h"},{"last_affected":"1.0.1i"},{"last_affected":"1.0.1j"},{"last_affected":"1.0.1k"},{"last_affected":"1.0.1l"},{"last_affected":"1.0.2"},{"last_affected":"1.0.2-beta1"},{"last_affected":"1.0.2-beta2"},{"last_affected":"1.0.2-beta3"},{"last_affected":"1.0.2a"},{"last_affected":"1.0.2b"},{"last_affected":"1.0.2c"},{"last_affected":"1.0.2d"},{"last_affected":"1.0.2e"},{"last_affected":"1.0.2f"},{"last_affected":"1.0.2h"},{"last_affected":"1.0.2i"},{"last_affected":"1.0.2j"},{"last_affected":"1.0.2k"},{"last_affected":"1.0.2l"},{"last_affected":"1.1.0"},{"last_affected":"1.1.0a"},{"last_affected":"1.1.0b"},{"last_affected":"1.1.0c"},{"last_affected":"1.1.0d"},{"last_affected":"1.1.0e"},{"last_affected":"1.1.0f"}],"source":"CPE_FIELD","cpe":["cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8zc:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8ze:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:0.9.8zg:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*","cpe:2.3:a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*"]}}],"versions":["BEFORE_engine","BEN_FIPS_TEST_7","BEN_FIPS_TEST_8","FIPS_TEST_10","FIPS_TEST_9","OpenSSL_0_9_1c","OpenSSL_0_9_2b","OpenSSL_0_9_3","OpenSSL_0_9_3a","OpenSSL_0_9_3beta2","OpenSSL_0_9_4","OpenSSL_0_9_5a","OpenSSL_0_9_5a-beta1","OpenSSL_0_9_5a-beta2","OpenSSL_0_9_5beta1","OpenSSL_0_9_5beta2","OpenSSL_0_9_6-beta3","OpenSSL_0_9_7","OpenSSL_0_9_7-beta1","OpenSSL_0_9_7-beta2","OpenSSL_0_9_7-beta3","OpenSSL_0_9_7-beta4","OpenSSL_0_9_7-beta6","OpenSSL_0_9_7a","OpenSSL_0_9_7b","OpenSSL_0_9_7c","OpenSSL_0_9_7e","OpenSSL_0_9_7f","OpenSSL_0_9_7g","OpenSSL_0_9_7h","OpenSSL_0_9_7i","OpenSSL_0_9_7j","OpenSSL_0_9_7k","OpenSSL_0_9_7l","OpenSSL_0_9_7m","OpenSSL_0_9_8","OpenSSL_0_9_8-beta1","OpenSSL_0_9_8-beta2","OpenSSL_0_9_8-beta4","OpenSSL_0_9_8-beta5","OpenSSL_0_9_8-beta6","OpenSSL_0_9_8a","OpenSSL_0_9_8b","OpenSSL_0_9_8c","OpenSSL_0_9_8d","OpenSSL_0_9_8e","OpenSSL_0_9_8h","OpenSSL_0_9_8i","OpenSSL_0_9_8j","OpenSSL_0_9_8m-beta1","OpenSSL_1_0_0-beta1","OpenSSL_1_0_0-beta2","OpenSSL_1_0_0-beta3","OpenSSL_1_0_0-beta4","OpenSSL_1_0_0-beta5","OpenSSL_1_0_1-beta1","OpenSSL_1_0_1-beta2","OpenSSL_1_0_1-beta3","OpenSSL_FIPS_1_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3735.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}