CVE-2016-2107

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-2107
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2107.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-2107
Downstream
Related
Published
2016-05-05T01:59:03.200Z
Modified
2026-04-16T06:22:00.258259009Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

References

Affected packages

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8eda60c8234177a7d41aac0828fab30c08970cd8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b4ec2c2ab8fa53fb6e8192eed0965732d56a9160
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
85df6ada477715020dbd22e2fb5e687d84d663ff
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6dc12b1042d5d4727f77e8a1c5758dab91400069
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b7eff480d8fbeb0576bb98ca771fb1ad6f48e864
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bcf6ac1960a8b5b3be5f24c10ec4c5e2ba0a60fa
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
58db386a1be17499a444df6a78743c9dfb3cfbe3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ef37a465c536ec3e7d9d4d86f98003a156abf3bb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
83ca8fa313d81353d99690dc2620bdbf8e3d5e88
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5368455fdafc097880a8b7269187255a0bcd9801
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9ef4b1b140ce25e8178f7dfe2e637b8bd5483963
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d7f2bc9a71d0c2af5a362f8d6ea995c56dbfbd7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
384e6c2dfe968002800bc3d3224a57aa19ffdfee
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
02fd81a89f490002f032d06a48b30f4caa957afe
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
02fd81a89f490002f032d06a48b30f4caa957afe
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7c89c4c7acdaa2035ec42195ade689419209c2fd
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4d8f4d5cb3514737f78d50ed532de23a718cf28e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
163ca274230fce536afe76c64676c332693ad7c1
Fixed
1b2bc79f96191f4a4cb268bf0048b43b2d56a284
Introduced
2b18916ff054309a07408719b62e2b6a4f1e056a
Fixed
a7376c9b8ec57c5d4cb1a632f075a3c58e8462c1
Introduced
f9f837885343a2a3f5ba2b8c510eaac395c8c865
Last affected
85df6ada477715020dbd22e2fb5e687d84d663ff
Introduced
6dc12b1042d5d4727f77e8a1c5758dab91400069
Fixed
9cf628eae3a9b6969eca0d82c6bb0bcb18552867
Introduced
384e6c2dfe968002800bc3d3224a57aa19ffdfee
Fixed
3b4537c91f07fd5522cc008979f79628e1685b6b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7a4f260c5df43caa2f522e739b7cc3e7595d7e09
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "13.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0.10.0"
        },
        {
            "fixed": "0.10.45"
        },
        {
            "introduced": "0.12.0"
        },
        {
            "fixed": "0.12.14"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.4.4"
        },
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.11.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10"
        }
    ]
}
Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
94f416601754dbe65e287f8e1eca01fa32f74a7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2f63ad1c6daa61614f3d58de0889bf68e9f75853
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2c5db8dac3a06fe5b2c889838a606138ee3542ed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
00a7e5ea1e51f58180cd7aa4028e998949a36d66
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1s"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2f"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2g"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0"
        }
    ]
}

Affected versions

4.*
4.0-PRE-CLANG-FORMAT-WEBKIT
Other
BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_0_1
OpenSSL_1_0_1-beta1
OpenSSL_1_0_1-beta2
OpenSSL_1_0_1-beta3
OpenSSL_1_0_1-post-auto-reformat
OpenSSL_1_0_1-post-reformat
OpenSSL_1_0_1-pre-auto-reformat
OpenSSL_1_0_1-pre-reformat
OpenSSL_1_0_1a
OpenSSL_1_0_1b
OpenSSL_1_0_1c
OpenSSL_1_0_1d
OpenSSL_1_0_1e
OpenSSL_1_0_1f
OpenSSL_1_0_1g
OpenSSL_1_0_1h
OpenSSL_1_0_1i
OpenSSL_1_0_1j
OpenSSL_1_0_1k
OpenSSL_1_0_1l
OpenSSL_1_0_1m
OpenSSL_1_0_1n
OpenSSL_1_0_1o
OpenSSL_1_0_1p
OpenSSL_1_0_1q
OpenSSL_1_0_1r
OpenSSL_1_0_1s
OpenSSL_1_0_1t
OpenSSL_1_0_1u
OpenSSL_1_0_2
OpenSSL_1_0_2-beta1
OpenSSL_1_0_2-beta2
OpenSSL_1_0_2-beta3
OpenSSL_1_0_2-post-auto-reformat
OpenSSL_1_0_2-post-reformat
OpenSSL_1_0_2-pre-auto-reformat
OpenSSL_1_0_2-pre-reformat
OpenSSL_1_0_2a
OpenSSL_1_0_2b
OpenSSL_1_0_2c
OpenSSL_1_0_2d
OpenSSL_1_0_2e
OpenSSL_1_0_2f
OpenSSL_1_0_2g
OpenSSL_1_0_2h
OpenSSL_1_0_2i
OpenSSL_1_0_2j
OpenSSL_1_0_2k
OpenSSL_1_0_2l
OpenSSL_1_0_2m
OpenSSL_1_0_2n
OpenSSL_1_0_2o
OpenSSL_1_0_2p
OpenSSL_1_0_2q
OpenSSL_1_0_2r
OpenSSL_1_0_2s
OpenSSL_1_0_2t
OpenSSL_1_0_2u
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat
openssl-3.*
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2
openssl-3.2.0-alpha1
openssl-3.2.0-alpha2
openssl-3.4.0-alpha1
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.6
v0.1.0
v0.1.1
v0.1.10
v0.1.100
v0.1.101
v0.1.102
v0.1.103
v0.1.104
v0.1.11
v0.1.12
v0.1.13
v0.1.14
v0.1.15
v0.1.16
v0.1.17
v0.1.18
v0.1.19
v0.1.2
v0.1.20
v0.1.21
v0.1.22
v0.1.23
v0.1.24
v0.1.25
v0.1.26
v0.1.27
v0.1.28
v0.1.29
v0.1.3
v0.1.30
v0.1.31
v0.1.32
v0.1.33
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.1.92
v0.1.93
v0.1.94
v0.1.95
v0.1.96
v0.1.97
v0.1.98
v0.1.99
v0.10.41
v0.10.42
v0.10.43
v0.10.44
v0.12.10
v0.12.11
v0.12.12
v0.12.13
v0.12.8
v0.12.9
v0.2.0
v0.3.0
v0.3.1
v0.3.2
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.4.0
v0.5.0
v0.5.1
v0.5.10
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.5-rc1
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.7.0
v0.7.2
v0.7.3
v1.*
v1.0.1
v1.0.1-release
v1.0.2
v1.0.2-release
v1.0.3
v1.0.4
v1.1.0
v1.2.0
v1.3.0
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.7.0
v1.7.1
v13.*
v13.0.0
v13.0.1
v13.1.0
v13.2.0
v15.*
v15.0.0
v15.0.1
v15.1.0
v15.10.0
v15.2.0
v15.2.1
v15.3.0
v15.4.0
v15.5.0
v15.5.1
v15.6.0
v15.7.0
v15.8.0
v15.9.0
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.1
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.5.0
v3.*
v3.0.0
v4.*
v4.0.0
v4.1.0
v4.1.1
v4.1.2
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.3.0
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v5.*
v5.0.0
v5.1.0
v5.1.1
v5.10.0
v5.10.1
v5.2.0
v5.3.0
v5.4.0
v5.4.1
v5.5.0
v5.6.0
v5.7.0
v5.7.1
v5.8.0
v5.9.0
v5.9.1
v6.*
v6.0.0
v7.*
v7.0.0
v7.1.0
v7.2.0
v8.*
v8.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2107.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.0.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.1.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.1.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    }
]