Lucene search
OracleLinuxELSA-2023-1405HistoryMar 22, 2023 - 12:00 a.m.
openssl security update
2023-03-2200:00:00
linux.oracle.com
14
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.1%
[1:1.1.1k-9]
- Fixed Timing Oracle in RSA Decryption
Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex
Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF
Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName
Resolves: CVE-2023-0286
[1:1.1.1k-8] - Fix no-ec build
Resolves: rhbz#2071020
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | openssl | < 1.1.1k-9.el8_7 | openssl-1.1.1k-9.el8_7.src.rpm |
| oracle linux | 8 | aarch64 | openssl | < 1.1.1k-9.el8_7 | openssl-1.1.1k-9.el8_7.aarch64.rpm |
| oracle linux | 8 | aarch64 | openssl-devel | < 1.1.1k-9.el8_7 | openssl-devel-1.1.1k-9.el8_7.aarch64.rpm |
| oracle linux | 8 | aarch64 | openssl-libs | < 1.1.1k-9.el8_7 | openssl-libs-1.1.1k-9.el8_7.aarch64.rpm |
| oracle linux | 8 | aarch64 | openssl-perl | < 1.1.1k-9.el8_7 | openssl-perl-1.1.1k-9.el8_7.aarch64.rpm |
| oracle linux | 8 | src | openssl | < 1.1.1k-9.el8_7 | openssl-1.1.1k-9.el8_7.src.rpm |
| oracle linux | 8 | x86_64 | openssl | < 1.1.1k-9.el8_7 | openssl-1.1.1k-9.el8_7.x86_64.rpm |
| oracle linux | 8 | i686 | openssl-devel | < 1.1.1k-9.el8_7 | openssl-devel-1.1.1k-9.el8_7.i686.rpm |
| oracle linux | 8 | x86_64 | openssl-devel | < 1.1.1k-9.el8_7 | openssl-devel-1.1.1k-9.el8_7.x86_64.rpm |
| oracle linux | 8 | i686 | openssl-libs | < 1.1.1k-9.el8_7 | openssl-libs-1.1.1k-9.el8_7.i686.rpm |
Related
nessus
nessus
EulerOS 2.0 SP10 : openssl (EulerOS-SA-2023-1982)
2023-05-18 00:00:00
AlmaLinux 8 : openssl (ALSA-2023:1405)
2023-03-23 00:00:00
EulerOS 2.0 SP10 : openssl (EulerOS-SA-2023-1960)
2023-05-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1t-alt1
2023-02-10 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1
2023-02-20 00:00:00
ibm
ibm
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0309-1)
2023-02-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0311-1)
2023-02-08 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2299)
2023-07-04 00:00:00
ics
ics
Hitachi Energy Lumada APM Edge
2023-09-12 12:00:00
Siemens SCALANCE W1750D Devices
2023-03-16 12:00:00
Mitsubishi Electric Factory Automation Products
2024-01-04 12:00:00
almalinux
almalinux
Important: edk2 security update
2023-05-16 00:00:00
Important: openssl security update
2023-03-22 00:00:00
Important: edk2 security, bug fix, and enhancement update
2023-05-09 00:00:00
oraclelinux
oraclelinux
edk2 security update
2023-12-07 00:00:00
edk2 security update
2023-05-24 00:00:00
edk2 security update
2023-12-07 00:00:00
freebsd
freebsd
FreeBSD -- Multiple vulnerabilities in OpenSSL
2023-02-16 00:00:00
redhat
redhat
(RHSA-2023:3420) Important: Red Hat JBoss Web Server 5.7.3 release and security update
2023-06-05 13:52:35
(RHSA-2023:1405) Important: openssl security update
2023-03-22 10:18:26
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:03.openssl
2023-02-16 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: edk2-20221117gitfff6d81270b5-13.fc37
2023-02-16 02:06:48
[SECURITY] Fedora 36 Update: edk2-20221117gitfff6d81270b5-14.fc36
2023-03-05 00:54:06
osv
osv
Important: edk2 security update
2023-05-16 00:00:00
Important: openssl security update
2023-03-22 00:00:00
Important: openssl security update
2023-03-28 13:07:30
rocky
rocky
openssl security update
2023-03-28 13:07:30
openssl security and bug fix update
2023-03-29 16:47:51
slackware
slackware
[slackware-security] openssl
2023-02-07 20:57:57
amazon
amazon
Important: openssl11
2023-02-03 19:19:00
Important: openssl
2023-02-03 23:39:00
Important: openssl
2023-02-03 19:19:00
debian
debian
[SECURITY] [DSA 5343-1] openssl security update
2023-02-07 21:05:48
[SECURITY] [DLA 3325-1] openssl security update
2023-02-20 11:11:21
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0530
2023-02-10 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2024-01-03 00:00:00
OpenSSL vulnerabilities
2023-02-07 00:00:00
OpenSSL vulnerabilities
2023-02-07 00:00:00
redos
redos
ROS-20230418-05
2023-04-18 00:00:00
cloudfoundry
cloudfoundry
USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
cloudlinux
cloudlinux
openssl: Fix of 2 CVEs
2023-02-10 10:39:56
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
54.1%
Related for ELSA-2023-1405