There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING.

veracode 1

nessus 65

ibm 26

oraclelinux 11

redhat 15

freebsd 2

cbl_mariner 8

f5 1

openvas 29

cvelist 1

nvd 1

cgr 1

centos 1

hivepro 1

prion 1

ics 3

wolfi 1

ubuntucve 1

osv 6

rosalinux 1

redhatcve 1

debiancve 1

alpinelinux 1

cve 1

rustsec 1

github 2

githubexploit 1

ubuntu 2

cloudlinux 1

cloudfoundry 1

trellix 2

redos 1

amazon 2

altlinux 1

freebsd_advisory 1

almalinux 1

fedora 2

rocky 1

veracode

Type Confusion

2023-02-09 20:56:17

nessus

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:0482-1)

2023-02-24 00:00:00

Oracle Linux 7 : openssl (ELSA-2023-12210)

2023-03-22 00:00:00

Oracle Linux 7 : openssl (ELSA-2023-12205)

2023-03-22 00:00:00

ibm

Security Bulletin: Watson AI Gateway for Cloud Pak for Data is vulnerable to an OpenSSL denial of service caused by a type confusion error (CVE-2023-0286)

2023-03-17 23:25:09

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in OpenSSL

2023-06-28 20:56:38

Security Bulletin: IBM Events Operator is vulnerable to a denial of service in OpenSSL (CVE-2023-0286)

2023-09-21 14:21:01

oraclelinux

openssl security update

2023-03-22 00:00:00

openssl security update

2023-05-04 00:00:00

openssl security update

2023-03-22 00:00:00

redhat

(RHSA-2023:1441) Important: openssl security update

2023-03-23 10:53:48

(RHSA-2023:1439) Important: openssl security update

2023-03-23 10:51:34

(RHSA-2023:1438) Important: openssl security update

2023-03-23 10:50:26

freebsd

py-cryptography -- includes a vulnerable copy of OpenSSL

2023-02-08 00:00:00

FreeBSD -- Multiple vulnerabilities in OpenSSL

2023-02-16 00:00:00

cbl_mariner

CVE-2023-0286 affecting package openssl 1.1.1k-16

2023-02-14 02:35:59

CVE-2023-0286 affecting package rust for versions less than 1.72.0-2

2023-10-11 01:41:59

CVE-2023-0286 affecting package openssl for versions less than 1.1.1k-21

2023-02-14 20:36:09

K000132941 : OpenSSL vulnerability CVE-2023-0286

2023-03-13 00:00:00

openvas

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1878)

2023-05-10 00:00:00

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2129)

2023-06-07 00:00:00

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2277)

2023-07-04 00:00:00

cvelist

CVE-2023-0286 X.400 address type confusion in X.509 GeneralName

2023-02-08 19:01:50

nvd

CVE-2023-0286

2023-02-08 20:15:24

cgr

CVE-2023-0286 vulnerabilities

2024-05-19 03:07:16

centos

openssl security update

2023-03-22 14:01:44

hivepro

OpenSSL Releases Update to Address Several High-Severity Vulnerabilities

2023-02-10 12:55:54

prion

Type confusion

2023-02-08 20:15:00

ics

Siemens Address Processing in SIMATIC

2023-08-10 12:00:00

Mitsubishi Electric Factory Automation Products

2024-01-04 12:00:00

Siemens SCALANCE W1750D Devices

2023-03-16 12:00:00

wolfi

CVE-2023-0286 vulnerabilities

2024-06-18 03:08:19

ubuntucve

CVE-2023-0286

2023-02-07 00:00:00

osv

X.400 address type confusion in X.509 `GeneralName`

2023-02-07 12:00:00

CVE-2023-0286

2023-02-08 20:15:24

Vulnerable OpenSSL included in cryptography wheels

2023-02-08 22:17:06

rosalinux

Advisory ROSA-SA-2023-2152

2023-04-11 14:23:07

redhatcve

CVE-2023-0286

2023-02-07 17:30:51

debiancve

CVE-2023-0286

2023-02-08 20:15:24

alpinelinux

CVE-2023-0286

2023-02-08 20:15:24

cve

CVE-2023-0286

2023-02-08 20:15:24

rustsec

X.400 address type confusion in X.509 `GeneralName`

2023-02-07 12:00:00

github

Vulnerable OpenSSL included in cryptography wheels

2023-02-08 22:17:06

Vulnerable OpenSSL included in sgx-dcap-quote-verify-python

2023-02-14 00:30:22

githubexploit

Exploit for Type Confusion in Openssl

2023-03-21 04:57:37

ubuntu

OpenSSL vulnerabilities

2023-02-07 00:00:00

OpenSSL vulnerabilities

2023-02-07 00:00:00

cloudlinux

openssl: Fix of 2 CVEs

2023-02-10 10:39:56

cloudfoundry

USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry

2023-02-24 00:00:00

trellix

CVE-2023-0286: The OpenSSL Who Cried “Severity: High

2023-02-09 00:00:00

CVE-2023-0286: The OpenSSL Who Cried “Severity: High

2023-02-09 00:00:00

redos

ROS-20230620-06

2023-06-20 00:00:00

amazon

Important: openssl

2023-02-03 23:39:00

Important: openssl

2023-02-03 19:19:00

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1

2023-02-20 00:00:00

freebsd_advisory

FreeBSD-SA-23:03.openssl

2023-02-16 00:00:00

almalinux

Important: openssl security update

2023-03-22 00:00:00

fedora

[SECURITY] Fedora 36 Update: edk2-20221117gitfff6d81270b5-14.fc36

2023-03-05 00:54:06

[SECURITY] Fedora 37 Update: edk2-20221117gitfff6d81270b5-13.fc37

2023-02-16 02:06:48

rocky

openssl security update

2023-03-28 13:07:30

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

Related for OPENSSL:CVE-2023-0286