OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer (SSLv2/v3) and Secure Transport Layer (TLSv1) protocols. A denial of service vulnerability exists in OpenSSL due to an error in the BN_mod_sqrt() function that calculates the square root of a modulus, which could lead to a wireless loop for non-prime moduli. An attacker could send a special function parameter value to exploit the vulnerability to cause the application to trigger a denial of service during the certificate resolution process.

checkpoint_advisories 1

nessus 73

oraclelinux 8

hivepro 1

fedora 1

osv 11

fortinet 1

slackware 1

redhat 10

alpinelinux 1

ubuntucve 1

cve 1

cloudfoundry 2

rocky 3

openvas 31

debiancve 1

ibm 21

cbl_mariner 1

amazon 1

checkpoint_security 2

veracode 1

suse 1

thn 1

altlinux 5

debian 1

cloudlinux 1

openssl 1

mageia 1

centos 1

githubexploit 6

photon 1

paloalto 1

almalinux 2

ubuntu 1

prion 1

redos 1

aix 1

github 1

checkpoint_advisories

OpenSSL Denial of Service (CVE-2022-0778)

2022-03-27 00:00:00

nessus

RHEL 7 : openssl (RHSA-2022:1066)

2022-03-29 00:00:00

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-1849)

2022-06-15 00:00:00

FreeBSD : OpenSSL -- Infinite loop in BN_mod_sqrt parsing certificates (ea05c456-a4fd-11ec-90de-1c697aa5a594)

2022-03-16 00:00:00

oraclelinux

openssl security update

2022-03-18 00:00:00

openssl security update

2022-03-18 00:00:00

openssl security update

2022-03-23 00:00:00

hivepro

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

2022-03-17 14:17:00

fedora

[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35

2022-03-22 03:44:53

osv

openssl1.0 - security update

2022-03-17 00:00:00

Important: openssl security update

2022-03-28 07:46:07

Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-15 12:00:00

fortinet

Protect

2022-04-01 00:00:00

slackware

[slackware-security] openssl

2022-03-17 19:59:07

redhat

(RHSA-2022:1519) Important: Red Hat JBoss Web Server 5.6.2 Security Update

2022-05-02 11:02:22

(RHSA-2022:1073) Important: openssl security update

2022-03-28 08:56:18

(RHSA-2022:5326) Low: compat-openssl10 security update

2022-06-28 10:53:54

alpinelinux

CVE-2022-0778

2022-03-15 17:15:00

ubuntucve

CVE-2022-0778

2022-03-15 00:00:00

cve

CVE-2022-0778

2022-03-15 17:15:00

cloudfoundry

USN-5328-1: OpenSSL vulnerability | Cloud Foundry

2022-05-23 00:00:00

USN-5328-2: OpenSSL vulnerabilityUSN-5328-2: OpenSSL vulnerability | Cloud Foundry

2022-04-21 00:00:00

rocky

compat-openssl11 security and bug fix update

2022-06-02 21:13:31

compat-openssl10 security update

2022-06-28 10:53:54

openssl security update

2022-03-28 07:46:07

openvas

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2023-1068)

2023-01-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:14915-1)

2022-03-16 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:0851-1)

2022-03-16 00:00:00

debiancve

CVE-2022-0778

2022-03-15 17:15:00

ibm

Security Bulletin: IBM Security Verify Governance is vulnerable to denial of service due to an OpenSSL vulnerability

2023-01-11 07:52:32

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)

2022-05-17 10:15:25

Security Bulletin: AIX is vulnerable to a denial of service due to OpenSSL (CVE-2022-0778)

2022-05-13 16:44:54

cbl_mariner

CVE-2022-0778 affecting package openssl 1.1.1k-30

2022-04-09 06:51:56

amazon

Important: openssl, openssl11

2022-03-15 18:49:00

checkpoint_security

Check Point response to OpenSSL CVE-2022-0778 (possible infinite loop when parsing ECDSA certificates/keys)

2022-03-16 06:41:44

Check Point response to CVE-2022-0778

2022-07-03 22:15:24

veracode

Denial Of Service (DoS)

2022-03-16 09:55:55

suse

Security update for openssl-1_0_0 (important)

2022-03-15 00:00:00

thn

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

2022-03-31 03:23:00

altlinux

Security fix for the ALT Linux 10 package node version 16.14.2-alt1

2022-04-23 00:00:00

Security fix for the ALT Linux 9 package openssl10 version 1.0.2u-alt1.p9.2

2022-03-24 00:00:00

Security fix for the ALT Linux 10 package node version 14.19.1-alt1

2022-04-29 00:00:00

debian

[SECURITY] [DLA 2953-1] openssl1.0 security update

2022-03-17 09:50:32

cloudlinux

Fix of CVE: CVE-2022-0778

2022-03-17 20:51:13

openssl

Vulnerability in OpenSSL CVE-2022-0778

2022-03-15 00:00:00

mageia

Updated openssl packages fix security vulnerability

2022-03-23 11:36:28

centos

openssl security update

2022-03-29 13:36:31

githubexploit

Exploit for Infinite Loop in Openssl

2023-09-11 07:30:33

Exploit for Infinite Loop in Openssl

2022-04-04 18:09:06

Exploit for Infinite Loop in Openssl

2022-03-15 19:06:33

photon

Important Photon OS Security Update - PHSA-2022-0162

2022-03-16 00:00:00

paloalto

Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778

2022-03-31 02:30:00

almalinux

Important: openssl security update

2022-03-28 07:46:07

Low: compat-openssl10 security update

2022-06-30 00:00:00

ubuntu

OpenSSL vulnerability

2022-03-15 00:00:00

prion

Code injection

2022-03-15 17:15:00

redos

ROS-20220318-02

2022-03-18 00:00:00

aix

AIX is vulnerable to a denial of service due to OpenSSL

2022-05-13 09:32:08

github

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-16 00:00:45

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for CNVD-2022-68614