Lucene search
OracleLinuxELSA-2023-2932HistoryMay 24, 2023 - 12:00 a.m.
edk2 security update
2023-05-2400:00:00
linux.oracle.com
23
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
47.1%
[20220126gitbb1bba3d77-4]
- edk2-openssl-update.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581]
- Resolves: bz#2164531
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-8]) - Resolves: bz#2164543
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-8]) - Resolves: bz#2164558
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-8]) - Resolves: bz#2164581
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-8])
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-4.el8 | edk2-20220126gitbb1bba3d77-4.el8.src.rpm |
| oracle linux | 8 | noarch | edk2-aarch64 | < 20220126gitbb1bba3d77-4.el8 | edk2-aarch64-20220126gitbb1bba3d77-4.el8.noarch.rpm |
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-4.el8 | edk2-20220126gitbb1bba3d77-4.el8.src.rpm |
| oracle linux | 8 | noarch | edk2-ovmf | < 20220126gitbb1bba3d77-4.el8 | edk2-ovmf-20220126gitbb1bba3d77-4.el8.noarch.rpm |
Related
nessus
nessus
OpenSSL 1.1.1 < 1.1.1t Multiple Vulnerabilities
2023-02-07 00:00:00
Fedora 36 : edk2 (2023-e821b64a4c)
2023-03-05 00:00:00
oraclelinux
oraclelinux
openssl security update
2023-03-28 00:00:00
openssl security update
2023-03-22 00:00:00
edk2 security update
2023-12-06 00:00:00
osv
osv
Important: openssl security update
2023-03-22 00:00:00
Important: edk2 security update
2023-05-16 00:00:00
Important: openssl security update
2023-03-28 13:07:30
rocky
rocky
openssl security update
2023-03-28 13:07:30
ibm
ibm
Security Bulletin: IBM Watson Explorer affected by vulnerability in OpenSSL.
2023-04-06 14:11:51
openvas
openvas
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2275)
2023-07-04 00:00:00
Fedora: Security Advisory for edk2 (FEDORA-2023-e1ffb79ddf)
2023-02-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0310-1)
2023-02-08 00:00:00
redhat
redhat
(RHSA-2023:1405) Important: openssl security update
2023-03-22 10:18:26
(RHSA-2023:3421) Important: Red Hat JBoss Web Server 5.7.3 release and security update
2023-06-05 14:11:47
(RHSA-2023:2932) Important: edk2 security update
2023-05-16 05:58:27
fedora
fedora
[SECURITY] Fedora 37 Update: edk2-20221117gitfff6d81270b5-13.fc37
2023-02-16 02:06:48
[SECURITY] Fedora 36 Update: edk2-20221117gitfff6d81270b5-14.fc36
2023-03-05 00:54:06
[SECURITY] Fedora 37 Update: openssl-3.0.8-1.fc37
2023-02-11 00:33:44
almalinux
almalinux
Important: edk2 security update
2023-05-16 00:00:00
Important: openssl security update
2023-03-22 00:00:00
Important: edk2 security, bug fix, and enhancement update
2023-05-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1t-alt1
2023-02-10 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1
2023-02-20 00:00:00
ics
ics
Hitachi Energy Lumada APM Edge
2023-09-12 12:00:00
Siemens SCALANCE W1750D Devices
2023-03-16 12:00:00
Mitsubishi Electric Factory Automation Products
2024-01-04 12:00:00
freebsd
freebsd
FreeBSD -- Multiple vulnerabilities in OpenSSL
2023-02-16 00:00:00
OpenSSL -- Multiple vulnerabilities
2023-02-07 00:00:00
slackware
slackware
[slackware-security] openssl
2023-02-07 20:57:57
amazon
amazon
Important: openssl11
2023-02-03 19:19:00
Important: openssl
2023-02-03 23:39:00
Important: openssl
2023-02-03 19:19:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:03.openssl
2023-02-16 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2024-01-03 00:00:00
OpenSSL vulnerabilities
2023-02-07 00:00:00
OpenSSL vulnerabilities
2023-02-07 00:00:00
debian
debian
[SECURITY] [DSA 5343-1] openssl security update
2023-02-07 21:05:48
[SECURITY] [DLA 3325-1] openssl security update
2023-02-20 11:11:21
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0530
2023-02-10 00:00:00
redos
redos
ROS-20230418-05
2023-04-18 00:00:00
cloudfoundry
cloudfoundry
USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
USN-5844-1: OpenSSL vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
cloudlinux
cloudlinux
openssl: Fix of 2 CVEs
2023-02-10 10:39:56
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
47.1%
Related for ELSA-2023-2932