CVE-2005-2946
HIGH7.5EPSS 0.19%Published: 9/16/2005Modified: 4/28/2026
Also known as:DEBIAN-CVE-2005-2946
Description
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
Affected packages (1)
- Debian/opensslfrom 0, < 0.9.8-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |