Lucene search
CloudLinuxCLSA-2023:1701445092HistoryDec 01, 2023 - 3:38 p.m.
libksba: Fix of 2 CVEs
2023-12-0115:38:16
repo.cloudlinux.com
11
libksba
security fixes
cve-2022-3515
overflow
tlv parser
cve-2022-47629
integer overflow
crl signature parser
unix
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.3%
- CVE-2022-3515: detect a possible overflow directly in the TLV parser
- CVE-2022-47629: fix an integer overflow in the CRL signature parser
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Centos | 6 | i686 | libksba | < 1.0.7 | libksba-1.0.7-4.el6.tuxcare.els1.src.rpm |
| Centos | 6 | x86_64 | libksba | < 1.0.7 | libksba-1.0.7-4.el6.tuxcare.els1.src.rpm |
| Centos | 6 | i686 | libksba-devel | < 1.0.7 | libksba-1.0.7-4.el6.tuxcare.els1.src.rpm |
| Centos | 6 | x86_64 | libksba-devel | < 1.0.7 | libksba-1.0.7-4.el6.tuxcare.els1.src.rpm |
Related
nessus
nessus
EulerOS 2.0 SP9 : libksba (EulerOS-SA-2023-1447)
2023-03-08 00:00:00
EulerOS Virtualization 2.9.0 : libksba (EulerOS-SA-2023-1674)
2023-04-27 00:00:00
EulerOS 2.0 SP11 : libksba (EulerOS-SA-2023-1760)
2023-05-08 00:00:00
gentoo
gentoo
libksba: Remote Code Execution
2022-12-28 00:00:00
libksba: Remote Code Execution
2022-10-31 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2023-1472)
2023-03-09 00:00:00
Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2023-2055)
2023-06-07 00:00:00
Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2023-1904)
2023-05-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2170
2023-06-20 10:21:17
Advisory ROSA-SA-2023-2193
2023-07-18 11:25:52
Advisory ROSA-SA-2023-2129
2023-03-07 10:01:35
oraclelinux
oraclelinux
libksba security update
2023-02-08 00:00:00
libksba security update
2023-02-07 00:00:00
libksba security update
2023-01-30 00:00:00
ibm
ibm
osv
osv
Important: libksba security update
2023-02-07 00:00:00
libksba - security update
2022-12-21 00:00:00
CVE-2022-47629
2022-12-20 23:15:12
redhat
redhat
(RHSA-2023:0594) Important: libksba security update
2023-02-06 16:19:16
(RHSA-2023:0626) Important: libksba security update
2023-02-07 15:24:12
(RHSA-2023:0624) Important: libksba security update
2023-02-07 15:21:57
ubuntu
ubuntu
Libksba vulnerability
2023-01-09 00:00:00
Libksba vulnerability
2023-01-05 00:00:00
Libksba vulnerability
2022-10-26 00:00:00
ubuntucve
ubuntucve
CVE-2022-47629
2022-12-20 00:00:00
CVE-2022-3515
2022-10-17 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-47629 affecting package libksba for versions less than 1.6.3-1
2023-01-17 16:46:45
CVE-2022-47629 affecting package libksba 1.3.5-3
2023-01-12 20:54:53
CVE-2022-3515 affecting package libksba 1.3.5-4
2023-03-02 04:18:32
rocky
rocky
libksba security update
2023-02-16 06:35:04
libksba security update
2023-02-16 06:35:52
libksba security update
2022-10-24 13:32:30
photon
photon
Critical Photon OS Security Update - PHSA-2023-0511
2023-01-06 00:00:00
Critical Photon OS Security Update - PHSA-2023-0309
2023-01-06 00:00:00
debian
debian
[SECURITY] [DLA 3248-1] libksba security update
2022-12-24 15:26:43
[SECURITY] [DSA 5305-1] libksba security update
2022-12-21 21:42:59
[SECURITY] [DLA 3153-1] libksba security update
2022-10-17 21:21:47
amazon
amazon
Important: libksba
2023-05-11 17:49:00
Important: libksba
2023-05-25 17:41:00
Important: libksba
2022-12-01 17:34:00
centos
centos
libksba security update
2023-02-20 16:15:30
libksba security update
2022-10-26 14:16:27
debiancve
debiancve
CVE-2022-47629
2022-12-20 23:15:00
CVE-2022-3515
2023-01-12 15:15:10
veracode
veracode
Integer Overflow
2022-12-26 05:43:35
Stack-based Buffer Overflow
2022-10-21 00:42:05
redos
redos
ROS-20221227-01
2022-12-27 00:00:00
ROS-20221020-01
2022-10-20 00:00:00
alpinelinux
alpinelinux
CVE-2022-47629
2022-12-20 23:15:00
CVE-2022-3515
2023-01-12 15:15:10
almalinux
almalinux
Important: libksba security update
2023-02-07 00:00:00
Important: libksba security update
2023-02-07 00:00:00
Important: libksba security update
2022-10-24 00:00:00
prion
prion
Integer overflow
2022-12-20 23:15:00
Integer overflow
2023-01-12 15:15:00
cve
cve
CVE-2022-47629
2022-12-20 23:15:00
CVE-2022-3515
2023-01-12 15:15:10
mageia
mageia
Updated libksba packages fix security vulnerability
2022-12-31 01:39:00
Updated libksba packages fix security vulnerability
2022-11-02 01:58:59
redhatcve
redhatcve
CVE-2022-47629
2023-01-17 10:34:55
CVE-2022-3515
2022-10-18 06:10:02
fedora
fedora
[SECURITY] Fedora 35 Update: libksba-1.6.2-1.fc35
2022-11-01 15:56:40
[SECURITY] Fedora 36 Update: libksba-1.6.2-1.fc36
2022-10-25 13:13:26
zdi
zdi
suse
suse
Security update for libksba (critical)
2022-10-21 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.3%
Related for CLSA-2023:1701445092