Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-41859HistoryJan 17, 2023 - 6:15 p.m.
CVE-2022-41859
2023-01-1718:15:11
Alpine Linux Development Team
security.alpinelinux.org
4
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 High
AI Score
Confidence
High
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.15-main | noarch | freeradius | < 3.0.26-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | freeradius | < 3.0.26-r0 | UNKNOWN |
Related
osv
osv
CVE-2022-41859
2023-01-17 18:15:11
Moderate: freeradius:3.0 security update
2023-05-16 00:00:00
Moderate: freeradius security and bug fix update
2023-05-09 00:00:00
redhatcve
redhatcve
CVE-2022-41859
2022-12-07 17:01:21
ubuntucve
ubuntucve
CVE-2022-41859
2023-01-17 00:00:00
cve
cve
CVE-2022-41859
2023-01-17 18:15:11
veracode
veracode
Information Disclosure
2023-03-12 08:47:02
cvelist
cvelist
CVE-2022-41859
2023-01-17 00:00:00
debiancve
debiancve
CVE-2022-41859
2023-01-17 18:15:11
prion
prion
Information disclosure
2023-01-17 18:15:00
nessus
nessus
RHEL 9 : freeradius (RHSA-2023:2166)
2023-05-12 00:00:00
SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2023:0135-1)
2023-01-26 00:00:00
SUSE SLES15 Security Update : freeradius-server (SUSE-SU-2022:4626-1)
2022-12-28 00:00:00
redhat
redhat
(RHSA-2023:2166) Moderate: freeradius security and bug fix update
2023-05-09 05:02:09
(RHSA-2023:2870) Moderate: freeradius:3.0 security update
2023-05-16 05:57:04
debian
debian
[SECURITY] [DLA 3342-1] freeradius security update
2023-02-24 16:30:20
oraclelinux
oraclelinux
freeradius security and bug fix update
2023-05-15 00:00:00
freeradius:3.0 security update
2023-05-24 00:00:00
almalinux
almalinux
Moderate: freeradius security and bug fix update
2023-05-09 00:00:00
Moderate: freeradius:3.0 security update
2023-05-16 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0135-1)
2023-01-26 00:00:00
Debian: Security Advisory (DLA-3342-1)
2023-02-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4621-1)
2022-12-28 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: freeradius-3.0.26-1.fc36
2022-12-16 01:43:43
mageia
mageia
Updated freeradius packages fix security vulnerability
2022-12-31 01:39:00
amazon
amazon
Medium: freeradius
2023-03-02 21:50:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 High
AI Score
Confidence
High
Related for ALPINE:CVE-2022-41859