Lucene search
FreeBSD0844671C-5A09-11ED-856E-D4C9EF517024HistoryNov 01, 2022 - 12:00 a.m.
OpenSSL -- Buffer overflows in Email verification
2022-11-0100:00:00
vuxml.freebsd.org
135
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.062 Low
EPSS
Percentile
93.5%
The OpenSSL project reports:
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) (High):
A buffer overrun can be triggered in X.509 certificate verification,
specifically in name constraint checking.
X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
(High): A buffer overrun can be triggered in X.509 certificate
verification, specifically in name constraint checking.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | openssl-devel | < 3.0.7 | UNKNOWN |
References
Related
oraclelinux
oraclelinux
openssl security update
2022-11-01 00:00:00
openssl security update
2022-11-01 00:00:00
openssl security update
2022-11-17 00:00:00
f5
f5
OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602
2022-10-28 17:31:00
rocky
rocky
openssl security update
2022-11-01 18:25:07
gentoo
gentoo
OpenSSL: Multiple Vulnerabilities
2022-11-01 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2022:7288) Important: openssl security update
2022-11-01 18:25:07
(RHSA-2022:7384) Important: openssl-container security update
2022-11-02 18:29:10
(RHSA-2023:0786) Important: Network observability 1.1.0 security update
2023-02-15 11:39:53
ics
ics
Hitachi Energy PCU400
2023-01-19 12:00:00
Siemens Products affected by OpenSSL 3.0
2022-12-15 12:00:00
Hitachi Energy Lumada Asset Performance Management
2023-01-05 12:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: openssl-3.0.5-3.fc37
2022-11-02 02:01:31
[SECURITY] Fedora 36 Update: openssl-3.0.5-2.fc36
2022-11-02 01:50:12
fortinet
fortinet
Protect
2022-10-28 00:00:00
nessus
nessus
Fedora 36 : 1:openssl (2022-502f096dce)
2022-11-01 00:00:00
Oracle Linux 9 : openssl (ELSA-2022-7288)
2022-11-02 00:00:00
Tenable Nessus Agent 10.x < 10.2.1 Multiple Vulnerabilities (TNS-2022-22)
2022-11-04 00:00:00
osv
osv
Important: openssl security update
2022-11-01 00:00:00
Important: openssl security update
2022-11-01 18:25:07
openssl vulnerabilities
2022-11-01 16:24:36
rapid7blog
rapid7blog
checkpoint_advisories
checkpoint_advisories
OpenSSL Buffer Overflow (CVE-2022-3602; CVE-2022-3786)
2022-11-03 00:00:00
OpenSSL Buffer Overflow (CVE-2022-3786)
2022-11-03 00:00:00
talosblog
talosblog
Threat Advisory: High Severity OpenSSL Vulnerabilities
2022-11-01 19:03:49
cisa
cisa
OpenSSL Releases Security Update
2022-11-01 00:00:00
ubuntucve
ubuntucve
CVE-2022-3786
2022-11-01 00:00:00
CVE-2022-3602
2022-11-01 00:00:00
almalinux
almalinux
Important: openssl security update
2022-11-01 00:00:00
cisco
cisco
Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
2022-10-28 16:00:00
arista
arista
Security Advisory 0081
2022-11-01 00:00:00
kaspersky
kaspersky
KLA20037 Multiple vulnerabilities in Microsoft Open Source Software
2022-11-02 00:00:00
KLA20036 Multiple vulnerabilities in Microsoft Azure
2022-11-02 00:00:00
qualysblog
qualysblog
wizblog
wizblog
OpenSSL vulnerabilities: Everything you need to know
2022-10-29 04:11:46
amd
amd
OpenSSL Vulnerabilities
2023-08-08 00:00:00
intel
intel
photon
photon
Important Photon OS Security Update - PHSA-2022-0272
2022-11-02 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0272
2022-11-02 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0011
2023-05-24 00:00:00
nvidia
nvidia
Security Notice: NVIDIA Response to OpenSSL Vulnerabilities - November 2022
2022-11-01 00:00:00
hivepro
hivepro
Patch available for pre-announced Critical Vulnerability in OpenSSL
2022-11-02 07:27:54
akamaiblog
akamaiblog
suse
suse
Security update for openssl-3 (critical)
2022-11-01 00:00:00
trellix
trellix
CVE-2023-0286: The OpenSSL Who Cried “Severity: High
2023-02-09 00:00:00
OpenSSL 3.0 Vulnerabilities: CVE 2022-3786 and CVE 2022-3602
2022-11-01 00:00:00
CVE-2023-0286: The OpenSSL Who Cried “Severity: High
2023-02-09 00:00:00
msrc
msrc
Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)
2022-11-02 07:00:00
Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)
2022-11-02 07:00:00
OpenSSL 3.0 ~ 3.0.6 のリスク (CVE-2022-3786 および CVE-2202-3602) に関する認識とガイダンス
2022-11-03 07:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2022-11-01 00:00:00
mscve
mscve
OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun
2022-11-02 07:00:00
OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun
2022-11-02 07:00:00
nodejsblog
nodejsblog
Nov 3 2022 Security Releases
2022-11-01 00:00:00
aix
aix
Multiple vulnerabilities in OpenSSL affect AIX
2023-01-24 09:22:21
cert
cert
thn
thn
OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
2022-11-01 16:26:00
veracode
veracode
Buffer Overflow
2022-11-01 19:44:02
Buffer Overflow
2022-11-01 17:29:15
alpinelinux
alpinelinux
CVE-2022-3786
2022-11-01 18:15:00
CVE-2022-3602
2022-11-01 18:15:00
githubexploit
githubexploit
Exploit for Classic Buffer Overflow in Openssl
2022-12-13 16:43:01
Exploit for Out-of-bounds Write in Openssl
2022-10-30 23:32:56
Exploit for Out-of-bounds Write in Openssl
2022-10-31 18:52:24
openssl
openssl
Vulnerability in OpenSSL CVE-2022-3786
2022-11-01 00:00:00
Vulnerability in OpenSSL CVE-2022-3602
2022-11-01 00:00:00
prion
prion
Stack overflow
2022-11-01 18:15:00
Stack overflow
2022-11-01 18:15:00
github
github
X.509 Email Address 4-byte Buffer Overflow
2022-11-01 17:45:59
X.509 Email Address Variable Length Buffer Overflow
2022-11-01 17:45:21
redhatcve
redhatcve
CVE-2022-3786
2022-11-01 16:26:08
CVE-2022-3602
2022-11-01 16:25:59
rustsec
rustsec
X.509 Email Address Variable Length Buffer Overflow
2022-11-01 12:00:00
X.509 Email Address 4-byte Buffer Overflow
2022-11-01 12:00:00
cve
cve
CVE-2022-3786
2022-11-01 18:15:00
CVE-2022-3602
2022-11-01 18:15:00
cgr
cgr
CVE-2022-3786 vulnerabilities
2024-04-19 09:08:06
CVE-2022-3602 vulnerabilities
2024-04-19 09:08:06
cnvd
cnvd
OpenSSL Denial of Service Vulnerability (CNVD-2022-73349)
2022-11-03 00:00:00
OpenSSL Remote Code Execution Vulnerability (CNVD-2022-73348)
2022-11-03 00:00:00
debiancve
debiancve
CVE-2022-3786
2022-11-01 18:15:00
CVE-2022-3602
2022-11-01 18:15:00
wolfi
wolfi
CVE-2022-3786 vulnerabilities
2024-04-19 09:07:41
CVE-2022-3602 vulnerabilities
2024-04-19 09:07:41
filippoio
filippoio
Why Did the OpenSSL Punycode Vulnerability Happen
2022-11-02 17:22:29
avleonov
avleonov
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.062 Low
EPSS
Percentile
93.5%
Related for 0844671C-5A09-11ED-856E-D4C9EF517024