[FREEBSD:0844671C-5A09-11ED-856E-D4C9EF517024] OpenSSL -- Buffer overflows in Email verification

Severity High

Affected Packages 1

CVEs 2

The OpenSSL project reports:

  X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) (High):
    A buffer overrun can be triggered in X.509 certificate verification,
    specifically in name constraint checking.
  X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
    (High): A buffer overrun can be triggered in X.509 certificate
    verification, specifically in name constraint checking.

Package	Affected Version
pkg:freebsd/openssl-devel	< 3.0.7

ID

FREEBSD:0844671C-5A09-11ED-856E-D4C9EF517024

Severity

high

Severity from

CVE-2022-3602

URL

http://vuxml.freebsd.org/freebsd/0844671c-5a09-11ed-856e-d4c9ef517024.html

Published

2022-11-01T00:00:00
(22 months ago)

Modified

2022-11-01T00:00:00
(22 months ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			https://www.openssl.org/news/secadv/20221101.txt

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/openssl-devel		openssl-devel	< 3.0.7

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date