[FREEBSD:0844671C-5A09-11ED-856E-D4C9EF517024] OpenSSL -- Buffer overflows in Email verification
Severity
High
Affected Packages
1
CVEs
2
The OpenSSL project reports:
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) (High):
A buffer overrun can be triggered in X.509 certificate verification,
specifically in name constraint checking.
X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
(High): A buffer overrun can be triggered in X.509 certificate
verification, specifically in name constraint checking.
Package | Affected Version |
---|---|
pkg:freebsd/openssl-devel | < 3.0.7 |
- ID
- FREEBSD:0844671C-5A09-11ED-856E-D4C9EF517024
- Severity
- high
- Severity from
- CVE-2022-3602
- URL
- http://vuxml.freebsd.org/freebsd/0844671c-5a09-11ed-856e-d4c9ef517024.html
- Published
-
2022-11-01T00:00:00
(22 months ago) - Modified
-
2022-11-01T00:00:00
(22 months ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALPINE:CVE-2022-3602
- ALPINE:CVE-2022-3786
- ALSA-2022:7288
- CISCO-SA-OPENSSL-W9SDCC2A
- ELSA-2022-10004
- ELSA-2022-7288
- ELSA-2022-9968
- FEDORA-2022-0f1d2e0537
- FEDORA-2022-502f096dce
- GLSA-202211-01
- GLSA-202405-29
- MS:CVE-2022-3602
- MS:CVE-2022-3786
- RHSA-2022:7288
- RLSA-2022:7288
- RUSTSEC-2022-0064
- RUSTSEC-2022-0065
- SECADV-20221101-1
- SECADV-20221101-2
- SUSE-SU-2022:3843-1
- SUSE-SU-2022:4586-1
- USN-5710-1
- VU:794340
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://www.openssl.org/news/secadv/20221101.txt |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/openssl-devel | openssl-devel | < 3.0.7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |