Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-37026HistorySep 21, 2022 - 2:15 p.m.
CVE-2022-37026
2022-09-2114:15:11
Debian Security Bug Tracker
security-tracker.debian.org
15
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
64.9%
In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | erlang | < 1:24.3.4.5+dfsg-1 | erlang_1:24.3.4.5+dfsg-1_all.deb |
| Debian | 11 | all | erlang | < 1:23.2.6+dfsg-1+deb11u1 | erlang_1:23.2.6+dfsg-1+deb11u1_all.deb |
| Debian | 10 | all | erlang | < 1:22.2.7+dfsg-1+deb10u1 | erlang_1:22.2.7+dfsg-1+deb10u1_all.deb |
| Debian | 999 | all | erlang | < 1:24.3.4.5+dfsg-1 | erlang_1:24.3.4.5+dfsg-1_all.deb |
| Debian | 13 | all | erlang | < 1:24.3.4.5+dfsg-1 | erlang_1:24.3.4.5+dfsg-1_all.deb |
Related
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Erlang vulnerability (USN-6059-1)
2023-05-08 00:00:00
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (erlang) (RHSA-2022:8857)
2023-01-23 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : erlang (SUSE-SU-2023:3401-1)
2023-08-24 00:00:00
openvas
openvas
openSUSE: Security Advisory for erlang (SUSE-SU-2023:3401-1)
2024-03-04 00:00:00
Mageia: Security Advisory (MGASA-2022-0450)
2022-12-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4222-1)
2022-11-28 00:00:00
alpinelinux
alpinelinux
CVE-2022-37026
2022-09-21 14:15:11
osv
osv
erlang - security update
2023-07-11 00:00:00
erlang vulnerability
2023-05-08 08:40:04
CVE-2022-37026
2022-09-21 14:15:11
mageia
mageia
Updated erlang packages fix security vulnerability
2022-12-07 02:32:48
ubuntu
ubuntu
Erlang vulnerability
2023-05-08 00:00:00
redhatcve
redhatcve
CVE-2022-37026
2022-11-10 19:25:58
redhat
redhat
cvelist
cvelist
CVE-2022-37026
2022-09-21 00:00:00
redos
redos
ROS-20240606-04
2024-06-06 00:00:00
prion
prion
Authentication flaw
2022-09-21 14:15:00
cve
cve
CVE-2022-37026
2022-09-21 14:15:11
ubuntucve
ubuntucve
CVE-2022-37026
2022-09-21 00:00:00
debian
debian
[SECURITY] [DLA 3491-1] erlang security update
2023-07-11 13:23:21
nvd
nvd
CVE-2022-37026
2022-09-21 14:15:11
veracode
veracode
Authentication Bypass
2022-10-16 23:29:36
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
64.9%
Related for DEBIANCVE:CVE-2022-37026