CVE-2016-2107

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-2107
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2107.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-2107
Downstream
Related
Published
2016-05-05T01:59:03.200Z
Modified
2026-03-10T14:09:41.147564Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

References

Affected packages

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1aa949064892dbe693750686c06f4ad5673e577
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8eda60c8234177a7d41aac0828fab30c08970cd8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b4ec2c2ab8fa53fb6e8192eed0965732d56a9160
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
85df6ada477715020dbd22e2fb5e687d84d663ff
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6dc12b1042d5d4727f77e8a1c5758dab91400069
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b7eff480d8fbeb0576bb98ca771fb1ad6f48e864
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bcf6ac1960a8b5b3be5f24c10ec4c5e2ba0a60fa
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
58db386a1be17499a444df6a78743c9dfb3cfbe3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ef37a465c536ec3e7d9d4d86f98003a156abf3bb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
83ca8fa313d81353d99690dc2620bdbf8e3d5e88
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5368455fdafc097880a8b7269187255a0bcd9801
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9ef4b1b140ce25e8178f7dfe2e637b8bd5483963
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d7f2bc9a71d0c2af5a362f8d6ea995c56dbfbd7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
384e6c2dfe968002800bc3d3224a57aa19ffdfee
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
02fd81a89f490002f032d06a48b30f4caa957afe
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
02fd81a89f490002f032d06a48b30f4caa957afe
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7c89c4c7acdaa2035ec42195ade689419209c2fd
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4d8f4d5cb3514737f78d50ed532de23a718cf28e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
163ca274230fce536afe76c64676c332693ad7c1
Fixed
1b2bc79f96191f4a4cb268bf0048b43b2d56a284
Introduced
2b18916ff054309a07408719b62e2b6a4f1e056a
Fixed
a7376c9b8ec57c5d4cb1a632f075a3c58e8462c1
Introduced
f9f837885343a2a3f5ba2b8c510eaac395c8c865
Last affected
85df6ada477715020dbd22e2fb5e687d84d663ff
Introduced
6dc12b1042d5d4727f77e8a1c5758dab91400069
Fixed
9cf628eae3a9b6969eca0d82c6bb0bcb18552867
Introduced
384e6c2dfe968002800bc3d3224a57aa19ffdfee
Fixed
3b4537c91f07fd5522cc008979f79628e1685b6b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7a4f260c5df43caa2f522e739b7cc3e7595d7e09
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "13.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0.10.0"
        },
        {
            "fixed": "0.10.45"
        },
        {
            "introduced": "0.12.0"
        },
        {
            "fixed": "0.12.14"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.4.4"
        },
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.11.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10"
        }
    ]
}
Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
94f416601754dbe65e287f8e1eca01fa32f74a7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2f63ad1c6daa61614f3d58de0889bf68e9f75853
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2c5db8dac3a06fe5b2c889838a606138ee3542ed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
00a7e5ea1e51f58180cd7aa4028e998949a36d66
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1s"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2f"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2g"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0"
        }
    ]
}

Affected versions

4.*
4.0-PRE-CLANG-FORMAT-WEBKIT
Other
BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_0_0
OpenSSL_1_0_0-beta1
OpenSSL_1_0_0-beta2
OpenSSL_1_0_0-beta3
OpenSSL_1_0_0-beta4
OpenSSL_1_0_0-beta5
OpenSSL_1_0_0a
OpenSSL_1_0_1
OpenSSL_1_0_1-beta1
OpenSSL_1_0_1-beta2
OpenSSL_1_0_1-beta3
OpenSSL_1_0_1-post-auto-reformat
OpenSSL_1_0_1-post-reformat
OpenSSL_1_0_1-pre-auto-reformat
OpenSSL_1_0_1-pre-reformat
OpenSSL_1_0_1a
OpenSSL_1_0_1b
OpenSSL_1_0_1c
OpenSSL_1_0_1d
OpenSSL_1_0_1e
OpenSSL_1_0_1f
OpenSSL_1_0_1g
OpenSSL_1_0_1h
OpenSSL_1_0_1i
OpenSSL_1_0_1j
OpenSSL_1_0_1k
OpenSSL_1_0_1l
OpenSSL_1_0_1m
OpenSSL_1_0_1n
OpenSSL_1_0_1o
OpenSSL_1_0_1p
OpenSSL_1_0_1q
OpenSSL_1_0_1r
OpenSSL_1_0_1s
OpenSSL_1_0_1t
OpenSSL_1_0_1u
OpenSSL_1_0_2
OpenSSL_1_0_2-beta1
OpenSSL_1_0_2-beta2
OpenSSL_1_0_2-beta3
OpenSSL_1_0_2-post-auto-reformat
OpenSSL_1_0_2-post-reformat
OpenSSL_1_0_2-pre-auto-reformat
OpenSSL_1_0_2-pre-reformat
OpenSSL_1_0_2a
OpenSSL_1_0_2b
OpenSSL_1_0_2c
OpenSSL_1_0_2d
OpenSSL_1_0_2e
OpenSSL_1_0_2f
OpenSSL_1_0_2g
OpenSSL_1_0_2h
OpenSSL_1_0_2i
OpenSSL_1_0_2j
OpenSSL_1_0_2k
OpenSSL_1_0_2l
OpenSSL_1_0_2m
OpenSSL_1_0_2n
OpenSSL_1_0_2o
OpenSSL_1_0_2p
OpenSSL_1_0_2q
OpenSSL_1_0_2r
OpenSSL_1_0_2s
OpenSSL_1_0_2t
OpenSSL_1_0_2u
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat
openssl-3.*
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2
openssl-3.2.0-alpha1
openssl-3.2.0-alpha2
openssl-3.4.0-alpha1
v0.*
v0.10.0
v0.10.1
v0.10.10
v0.10.11
v0.10.12
v0.10.13
v0.10.14
v0.10.15
v0.10.16
v0.10.17
v0.10.18
v0.10.19
v0.10.2
v0.10.20
v0.10.21
v0.10.22
v0.10.23
v0.10.24
v0.10.25
v0.10.26
v0.10.27
v0.10.28
v0.10.29
v0.10.3
v0.10.30
v0.10.31
v0.10.32
v0.10.4
v0.10.5
v0.10.6
v0.10.7
v0.10.8
v0.10.9
v0.11.0
v0.11.1
v0.11.10
v0.11.11
v0.11.12
v0.11.13
v0.11.2
v0.11.3
v0.11.4
v0.11.5
v0.11.6
v0.11.7
v0.11.8
v0.11.9
v1.*
v1.0.0
v1.0.0-release
v1.0.1
v1.0.1-release
v1.0.2
v1.0.2-release
v1.0.3
v1.0.4
v1.1.0
v1.2.0
v1.3.0
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.7.0
v1.7.1
v1.8.1
v13.*
v13.0.0
v13.0.1
v13.1.0
v13.2.0
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.1
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.5.0
v3.*
v3.0.0
v4.*
v4.0.0
v4.1.0
v4.1.1
v4.1.2
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.3.0
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v5.*
v5.0.0
v5.1.0
v5.1.1
v5.10.0
v5.10.1
v5.2.0
v5.3.0
v5.4.0
v5.4.1
v5.5.0
v5.6.0
v5.7.0
v5.7.1
v5.8.0
v5.9.0
v5.9.1
v7.*
v7.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2107.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.0.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.0.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.1.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.1.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    }
]