Lucene search

FreeBSD4EEB93BF-F204-11EC-8FBD-D4C9EF517024

HistoryJun 21, 2022 - 12:00 a.m.

OpenSSL -- Command injection vulnerability

2022-06-2100:00:00

vuxml.freebsd.org

0.085 Low

EPSS

Percentile

94.4%

JSON

The OpenSSL project reports:

Circumstances where the c_rehash script does not properly
sanitise shell metacharacters to prevent command injection were
found by code review.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenssl< 1.1.1p,1UNKNOWN
FreeBSDanynoarchopenssl-devel< 3.0.4UNKNOWN
FreeBSDanynoarchopenssl-quictls< 3.0.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	openssl	< 1.1.1p,1	UNKNOWN
FreeBSD	any	noarch	openssl-devel	< 3.0.4	UNKNOWN
FreeBSD	any	noarch	openssl-quictls	< 3.0.4	UNKNOWN

References

www.openssl.org/news/secadv/20220621.txt

osv

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

openssl, openssl1.0 vulnerability

2022-06-21 14:36:21

ibm

Security Bulletin: IBM Aspera Orchestrator affected by OpenSSL vulnerability (CVE-2022-2068)

2023-02-02 17:25:41

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary command execution in OpenSSL (CVE-2022-2068)

2023-02-01 15:38:14

Security Bulletin: IBM Sterling Connect:Direct for UNIX Container is vulnerable to execute arbitrary commands due to OpenSSL (CVE-2022-2068)

2022-09-14 14:09:15

ubuntu

OpenSSL vulnerability

2022-07-06 00:00:00

OpenSSL vulnerability

2022-06-21 00:00:00

Node.js vulnerabilities

2023-10-30 00:00:00

openvas

Ubuntu: Security Advisory (USN-5488-1)

2022-06-22 00:00:00

Fedora: Security Advisory for openssl1.1 (FEDORA-2022-3b7d0abd0b)

2022-07-07 00:00:00

Mageia: Security Advisory (MGASA-2022-0246)

2022-07-01 00:00:00

rocky

openssl security and bug fix update

2023-01-26 21:50:01

openssl security update

2022-08-02 07:00:02

ics

Mitsubishi Electric GT SoftGOT2000

2022-11-15 12:00:00

debian

[SECURITY] [DSA 5169-1] openssl security update

2022-06-26 18:27:15

altlinux

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1q-alt1

2022-07-08 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1q-alt1

2022-07-05 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1p-alt1

2022-06-22 00:00:00

veracode

Command Injection

2022-06-22 12:42:34

nodejsblog

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

cloudfoundry

USN-5488-1: OpenSSL vulnerability | Cloud Foundry

2022-07-28 00:00:00

cbl_mariner

CVE-2022-2068 affecting package openssl 1.1.1k-16

2022-07-14 20:59:56

CVE-2022-2068 affecting package openssl for versions less than 1.1.1k-17

2022-07-01 21:02:21

mageia

Updated openssl packages fix security vulnerability

2022-07-01 00:31:09

photon

Moderate Photon OS Security Update - PHSA-2022-0408

2022-06-22 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0408

2022-06-22 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0490

2022-06-23 00:00:00

fedora

[SECURITY] Fedora 36 Update: openssl1.1-1.1.1p-1.fc36

2022-07-06 01:38:37

[SECURITY] Fedora 35 Update: openssl-1.1.1q-1.fc35

2022-07-23 02:27:30

nessus

Amazon Linux 2 : openssl (ALAS-2022-1831)

2022-08-08 00:00:00

SUSE SLES12 Security Update : openssl (SUSE-SU-2022:2181-1)

2022-06-27 00:00:00

SUSE SLES15 Security Update : openssl (SUSE-SU-2022:2179-1)

2022-06-25 00:00:00

openssl

Vulnerability in OpenSSL CVE-2022-2068

2022-06-21 00:00:00

broadcom

openssl file names of certificates being hashed were possibly passed to a command executed through the shell

2023-08-01 00:00:00

amazon

Medium: openssl

2022-07-28 21:55:00

Medium: openssl11

2022-07-28 21:55:00

Medium: openssl

2022-07-28 20:38:00

redhat

(RHSA-2022:8913) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:28:19

(RHSA-2022:8917) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:20:51

(RHSA-2022:5818) Moderate: openssl security update

2022-08-02 07:00:02

cloudlinux

Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068

2022-07-14 16:53:26

ubuntucve

CVE-2022-2068

2022-06-21 00:00:00

suse

Security update for openssl-1_0_0 (moderate)

2022-07-07 00:00:00

Security update for openssl-1_1 (moderate)

2022-07-04 00:00:00

Security update for openssl-1_1 (moderate)

2022-09-01 00:00:00

cvelist

CVE-2022-2068 The c_rehash script allows command injection

2022-06-21 00:00:00

debiancve

CVE-2022-2068

2022-06-21 15:15:00

prion

Command injection

2022-06-21 15:15:00

redhatcve

CVE-2022-2068

2022-06-22 06:36:12

K21600298 : OpenSSL vulnerabilities CVE-2022-1292 and CVE-2022-2068

2022-08-05 00:00:00

cve

CVE-2022-2068

2022-06-21 15:15:00

slackware

[slackware-security] Slackware 14.2 openssl

2022-06-28 19:28:45

[slackware-security] openssl

2022-06-23 05:32:23

alpinelinux

CVE-2022-2068

2022-06-21 15:15:00

oraclelinux

openssl security update

2022-08-05 00:00:00

openssl security update

2022-08-02 00:00:00

openssl security and bug fix update

2022-08-30 00:00:00

aix

AIX is vulnerable to arbitrary command execution due to OpenSSL

2022-08-17 16:39:03

almalinux

Moderate: openssl security update

2022-08-03 00:00:00

Moderate: openssl security and bug fix update

2022-08-30 00:00:00

thn

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

2023-01-18 05:56:00

0.085 Low

EPSS

Percentile

94.4%

JSON

Related for 4EEB93BF-F204-11EC-8FBD-D4C9EF517024