164 matches found
Stack overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
roaring-landmask (=0.4.0) potentially affected by CVE-2022-3602 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2022-3602 Source advisory: OSV:GHSA-8RWR-X37P-MX23...
GHSA-8RWR-X37P-MX23 X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
SUSE-SU-2022:3843-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2022-3358: Fixed vulnerability where a custom cipher passed to EVPCipherInit could lead into NULL encryption being unexpectedly used bsc1204226. - CVE-2022-3602: Fixed a buffer overflow in the X.509 email address. bsc1204714 -...
roaring-landmask (=0.4.0) potentially affected by CVE-2022-3602 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2022-3602 Source advisory: OSV:RUSTSEC-2022-0064...
X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
RUSTSEC-2022-0064 X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
CVE-2022-3602
OpenSSL CVE-2022-3602 is a stack-based buffer overrun in X.509 name-contraint verification that can crash a TLS client/server or, potentially, allow RCE. The issue is triggered by crafting an email address and affects OpenSSL 3.0.x (3.0.0–3.0.6). Mitigation is upgrading to OpenSSL 3.0.7 or later ...
OpenSSL Releases Security Update
OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6. Both CVE-2022-3602 and CVE-2022-3786 can cause a denial of service. According to OpenSSL, a cyber threat actor leveraging CVE-2022-3786, "can...
Vulnerability in OpenSSL - X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
CVE-2022-3602 X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
openssl security update
3.0.1-43.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-43 - CVE-2022-3602: X.509 Email Address Buffer Overflow - running tests Resolves: CVE-2022-3602 1:3.0.1-42 - CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602...
Fedora 36 : openssl (2022-502f096dce)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-502f096dce advisory. Security fix for CVE-2022-3602 and CVE-2022-3786 Tenable has extracted the preceding description block directly from the Fedora security advisory...
CVE-2022-3602 X.509 Email Address 4-byte Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
OpenSSL -- Buffer overflows in Email verification
The OpenSSL project reports: X.509 Email Address 4-byte Buffer Overflow CVE-2022-3602 High: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. X.509 Email Address Variable Length Buffer Overflow CVE-2022-3786 High: A buffer overrun can b...
CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
Overview Two buffer overflow vulnerabilities were discovered in OpenSSL versions 3.0.0 through 3.0.6. These vulnerabilities were introduced in version 3.0.0 with the inclusion of support for punycode email address parsing for X.509 certificates. OpenSSL's assessment of the severity of the...
Exploit for Out-of-bounds Write in Openssl
CVE-2022-3602 DOS poc Buff...
OpenSSL vulnerabilities: Everything you need to know
On November 1st, 2022, the OpenSSL Project disclosed High severity vulnerabilities CVE-2022-3786 and CVE-2022-3602, affecting deployments of OpenSSL 3.0.0–3.0.6. Learn how to effectively manage your organization's patching efforts...
Protect
CVE-2022-3602: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue...