CVE-2023-0286: Type confusion vuln. X.400 address processing in X.509 GenName. Allows arbitrary pointers to memcmp, leading to memory read/enact DoS. Requires CRL checking, uncommon scenario
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
RustSec | X.400 address type confusion in X.509 `GeneralName` | 7 Feb 202312:00 | – | rustsec |
Oracle linux | openssl security update | 24 Apr 202300:00 | – | oraclelinux |
Oracle linux | openssl security update | 20 Mar 202300:00 | – | oraclelinux |
Oracle linux | openssl security update | 22 Mar 202300:00 | – | oraclelinux |
Oracle linux | openssl security update | 4 May 202300:00 | – | oraclelinux |
Oracle linux | openssl security update | 22 Mar 202300:00 | – | oraclelinux |
OSV | Vulnerable OpenSSL included in sgx-dcap-quote-verify-python | 14 Feb 202300:30 | – | osv |
OSV | Vulnerable OpenSSL included in cryptography wheels | 8 Feb 202322:17 | – | osv |
OSV | Red Hat Security Advisory: openssl security update | 14 Sep 202400:03 | – | osv |
OSV | CGA-6vj8-747q-h83f | 6 Jun 202412:23 | – | osv |
[
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.0.8",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1t",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zg",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo