openssl is vulnerable to command injection. The vulnerability exists in c_rehash script which allows an attacker to inject and execute malicious commands.

CPENameOperatorVersion
openssl1.0:bioniceq1.0.2n-1ubuntu5.3
openssl1.0:bioniceq1.0.2n-1ubuntu5.4
openssl1.0:bioniceq1.0.2n-1ubuntu5.7
openssl1.0:bioniceq1.0.2n-1ubuntu5
openssl:bioniceq1.1.0g-2ubuntu4
openssl:bioniceq1.1.1-1ubuntu2.1~18.04.13
openssl:bioniceq1.1.1-1ubuntu2.1~18.04.6
openssl:focaleq1.1.1f-1ubuntu2
openssl:sideq1.1.1h-1
openssl:bustereq1.1.1d-0+deb10u7

Name	Operator	Version
openssl1.0:bionic	eq	1.0.2n-1ubuntu5.3
openssl1.0:bionic	eq	1.0.2n-1ubuntu5.4
openssl1.0:bionic	eq	1.0.2n-1ubuntu5.7
openssl1.0:bionic	eq	1.0.2n-1ubuntu5
openssl:bionic	eq	1.1.0g-2ubuntu4
openssl:bionic	eq	1.1.1-1ubuntu2.1~18.04.13
openssl:bionic	eq	1.1.1-1ubuntu2.1~18.04.6
openssl:focal	eq	1.1.1f-1ubuntu2
openssl:sid	eq	1.1.1h-1
openssl:buster	eq	1.1.1d-0+deb10u7

Rows per page:

1-10 of 6011

References

git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-2068

cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf

git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa

git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9

git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7

lists.fedoraproject.org/archives/list/[email protected]/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/

lists.fedoraproject.org/archives/list/[email protected]/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/

security.netapp.com/advisory/ntap-20220707-0008/

www.debian.org/security/2022/dsa-5169

www.openssl.org/news/secadv/20220621.txt

osv 10

ibm 17

ics 1

debian 1

openvas 45

rocky 2

altlinux 4

photon 3

cbl_mariner 2

fedora 2

nodejsblog 2

ubuntu 3

cloudfoundry 1

freebsd 1

mageia 1

nessus 65

f5 1

cve 1

suse 5

ubuntucve 1

cloudlinux 1

redhatcve 1

prion 1

debiancve 1

cvelist 1

amazon 3

nvd 1

redhat 9

broadcom 1

openssl 1

slackware 2

alpinelinux 1

oraclelinux 4

almalinux 2

aix 1

thn 1

osv

openssl, openssl1.0 vulnerability

2022-06-21 14:36:21

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

ibm

Security Bulletin: OpenSSL vulnerability affects App Connect professional v7.5.4.

2022-07-06 04:56:24

Security Bulletin: IBM Sterling Connect:Direct for UNIX Container is vulnerable to execute arbitrary commands due to OpenSSL (CVE-2022-2068)

2022-09-14 14:09:15

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary command execution in OpenSSL (CVE-2022-2068)

2023-02-01 15:38:14

ics

Mitsubishi Electric GT SoftGOT2000

2022-11-15 12:00:00

debian

[SECURITY] [DSA 5169-1] openssl security update

2022-06-26 18:26:57

openvas

Fedora: Security Advisory for openssl1.1 (FEDORA-2022-3b7d0abd0b)

2022-07-07 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:2179-1)

2022-06-27 00:00:00

Ubuntu: Security Advisory (USN-5488-2)

2022-08-26 00:00:00

rocky

openssl security and bug fix update

2023-01-26 21:50:01

openssl security update

2022-08-02 07:00:02

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1q-alt1

2022-07-05 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1q-alt1

2022-07-08 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1p-alt1

2022-06-22 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2022-0408

2022-06-22 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0490

2022-06-23 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0408

2022-06-22 00:00:00

cbl_mariner

CVE-2022-2068 affecting package openssl for versions less than 1.1.1k-17

2022-07-01 21:02:21

CVE-2022-2068 affecting package openssl 1.1.1k-16

2022-07-14 20:59:56

fedora

[SECURITY] Fedora 36 Update: openssl1.1-1.1.1p-1.fc36

2022-07-06 01:38:37

[SECURITY] Fedora 35 Update: openssl-1.1.1q-1.fc35

2022-07-23 02:27:30

nodejsblog

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

ubuntu

OpenSSL vulnerability

2022-07-06 00:00:00

OpenSSL vulnerability

2022-06-21 00:00:00

Node.js vulnerabilities

2023-10-30 00:00:00

cloudfoundry

USN-5488-1: OpenSSL vulnerability | Cloud Foundry

2022-07-28 00:00:00

freebsd

OpenSSL -- Command injection vulnerability

2022-06-21 00:00:00

mageia

Updated openssl packages fix security vulnerability

2022-07-01 00:31:09

nessus

Amazon Linux AMI : openssl (ALAS-2022-1626)

2022-08-05 00:00:00

Amazon Linux 2 : openssl-snapsafe (ALASOPENSSL-SNAPSAFE-2023-001)

2023-09-27 00:00:00

OpenSSL 3.0.0 < 3.0.4 Vulnerability

2022-06-21 00:00:00

K21600298 : OpenSSL vulnerabilities CVE-2022-1292 and CVE-2022-2068

2022-08-05 00:00:00

cve

CVE-2022-2068

2022-06-21 15:15:09

suse

Security update for openssl-1_1 (moderate)

2022-09-01 00:00:00

Security update for openssl-1_1 (moderate)

2022-07-04 00:00:00

Security update for openssl-1_0_0 (moderate)

2022-07-07 00:00:00

ubuntucve

CVE-2022-2068

2022-06-21 00:00:00

cloudlinux

Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068

2022-07-14 16:53:26

redhatcve

CVE-2022-2068

2022-06-22 06:36:12

prion

Command injection

2022-06-21 15:15:00

debiancve

CVE-2022-2068

2022-06-21 15:15:09

cvelist

CVE-2022-2068 The c_rehash script allows command injection

2022-06-21 00:00:00

amazon

Medium: openssl11

2022-07-28 21:55:00

Medium: openssl

2022-07-28 21:55:00

Medium: openssl

2022-07-28 20:38:00

nvd

CVE-2022-2068

2022-06-21 15:15:09

redhat

(RHSA-2022:8913) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:28:19

(RHSA-2022:8917) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:20:51

(RHSA-2022:5818) Moderate: openssl security update

2022-08-02 07:00:02

broadcom

openssl file names of certificates being hashed were possibly passed to a command executed through the shell

2023-08-01 00:00:00

openssl

Vulnerability in OpenSSL CVE-2022-2068

2022-06-21 00:00:00

slackware

[slackware-security] Slackware 14.2 openssl

2022-06-28 19:28:45

[slackware-security] openssl

2022-06-23 05:32:23

alpinelinux

CVE-2022-2068

2022-06-21 15:15:09

oraclelinux

openssl security update

2022-08-02 00:00:00

openssl security update

2022-08-05 00:00:00

openssl security update

2022-08-31 00:00:00

almalinux

Moderate: openssl security update

2022-08-03 00:00:00

Moderate: openssl security and bug fix update

2022-08-30 00:00:00

aix

AIX is vulnerable to arbitrary command execution due to OpenSSL

2022-08-17 16:39:03

thn

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

2023-01-18 05:56:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.093 Low

EPSS

Percentile

94.7%

JSON

Related for VERACODE:36086