Tavis Ormandy discovered that OpenSSL incorrectly parsed certain
certificates. A remote attacker could possibly use this issue to cause
OpenSSH to stop responding, resulting in a denial of service.

References

ubuntu.com/security/CVE-2022-0778

ubuntu.com/security/notices/USN-5328-2

checkpoint_security 2

nessus 73

oraclelinux 8

altlinux 5

photon 1

osv 10

ibm 25

paloalto 1

almalinux 2

rocky 3

githubexploit 5

openvas 32

ubuntu 1

veracode 1

suse 1

thn 1

debian 1

redhat 6

cloudlinux 1

openssl 1

cloudfoundry 2

centos 1

mageia 1

checkpoint_advisories 1

fortinet 1

hivepro 1

fedora 1

debiancve 1

cve 1

slackware 1

amazon 2

alpinelinux 1

cbl_mariner 1

ubuntucve 1

prion 1

redos 1

ics 1

checkpoint_security

Check Point response to CVE-2022-0778

2022-07-03 22:15:24

Check Point response to OpenSSL CVE-2022-0778 (possible infinite loop when parsing ECDSA certificates/keys)

2022-03-16 06:41:44

nessus

RHEL 7 : openssl (RHSA-2022:1078)

2022-03-29 00:00:00

Oracle Linux 8 : openssl (ELSA-2022-9258)

2022-03-31 00:00:00

Oracle Linux 7 : openssl (ELSA-2022-1066)

2022-03-29 00:00:00

oraclelinux

openssl security update

2022-03-23 00:00:00

openssl security update

2022-03-28 00:00:00

openssl security update

2022-03-31 00:00:00

altlinux

Security fix for the ALT Linux 9 package openssl10 version 1.0.2u-alt1.p9.2

2022-03-24 00:00:00

Security fix for the ALT Linux 10 package node version 14.19.1-alt1

2022-04-29 00:00:00

Security fix for the ALT Linux 10 package node version 16.14.2-alt1

2022-04-23 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-0162

2022-03-16 00:00:00

osv

Low: compat-openssl10 security update

2022-06-28 10:53:54

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-16 00:00:45

Important: openssl security update

2022-03-28 07:46:07

ibm

Security Bulletin: Vulnerability in OpenSSL (CVE-2022-0778) affects PowerVM

2022-07-15 17:17:19

Security Bulletin: Vulnerability in Fabric OS firmware used by IBM b-type SAN directors and switches.

2022-08-30 23:39:30

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in OpenSSL

2022-05-26 01:20:40

paloalto

Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778

2022-03-31 02:30:00

almalinux

Low: compat-openssl10 security update

2022-06-30 00:00:00

Important: openssl security update

2022-03-28 07:46:07

rocky

openssl security update

2022-03-28 07:46:07

compat-openssl10 security update

2022-06-28 10:53:54

compat-openssl11 security and bug fix update

2022-06-02 21:13:31

githubexploit

Exploit for Infinite Loop in Openssl

2023-09-12 05:16:27

Exploit for Infinite Loop in Openssl

2022-04-18 07:51:18

Exploit for Infinite Loop in Openssl

2022-04-04 18:09:06

openvas

SUSE: Security Advisory (SUSE-SU-2022:0860-1)

2022-03-16 00:00:00

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1753)

2022-05-25 00:00:00

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2831)

2022-12-22 00:00:00

ubuntu

OpenSSL vulnerability

2022-03-15 00:00:00

veracode

Denial Of Service (DoS)

2022-03-16 09:55:55

suse

Security update for openssl-1_0_0 (important)

2022-03-15 00:00:00

thn

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

2022-03-31 03:23:00

debian

[SECURITY] [DLA 2953-1] openssl1.0 security update

2022-03-17 09:50:32

redhat

(RHSA-2022:1065) Important: openssl security update

2022-03-28 07:46:07

(RHSA-2022:1066) Important: openssl security update

2022-03-28 08:37:05

(RHSA-2022:1520) Important: Red Hat JBoss Web Server 5.6.2 Security Update

2022-05-02 11:02:38

cloudlinux

Fix of CVE: CVE-2022-0778

2022-03-17 20:51:13

openssl

Vulnerability in OpenSSL CVE-2022-0778

2022-03-15 00:00:00

cloudfoundry

USN-5328-2: OpenSSL vulnerabilityUSN-5328-2: OpenSSL vulnerability | Cloud Foundry

2022-04-21 00:00:00

USN-5328-1: OpenSSL vulnerability | Cloud Foundry

2022-05-23 00:00:00

centos

openssl security update

2022-03-29 13:36:31

mageia

Updated openssl packages fix security vulnerability

2022-03-23 11:36:28

checkpoint_advisories

OpenSSL Denial of Service (CVE-2022-0778)

2022-03-27 00:00:00

fortinet

Protect

2022-04-01 00:00:00

hivepro

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

2022-03-17 14:17:00

fedora

[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35

2022-03-22 03:44:53

debiancve

CVE-2022-0778

2022-03-15 17:15:00

cve

CVE-2022-0778

2022-03-15 17:15:00

slackware

[slackware-security] openssl

2022-03-17 19:59:07

amazon

Important: openssl, openssl11

2022-03-15 18:49:00

Important: openssl

2022-03-15 18:54:00

alpinelinux

CVE-2022-0778

2022-03-15 17:15:00

cbl_mariner

CVE-2022-0778 affecting package openssl 1.1.1k-30

2022-04-09 06:51:56

ubuntucve

CVE-2022-0778

2022-03-15 00:00:00

prion

Code injection

2022-03-15 17:15:00

redos

ROS-20220318-02

2022-03-18 00:00:00

ics

Siemens OpenSSL Affected Industrial Products (Update E)

2023-01-13 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Related for OSV:USN-5328-2