[FREEBSD:425B9538-CE5F-11ED-ADE3-D4C9EF517024] OpenSSL -- Multiple vulnerabilities

Severity: Medium
Affected Packages: 4
CVEs: 2

The OpenSSL project reports:

  Severity: low
  Applications that use a non-default option when verifying certificates may be
    vulnerable to an attack from a malicious CA to circumvent certain checks.
  The function X509_VERIFY_PARAM_add0_policy() is documented to
    implicitly enable the certificate policy check when doing certificate
    verification. However the implementation of the function does not
    enable the check which allows certificates with invalid or incorrect
    policies to pass the certificate verification.

Package  Affected Version
pkg:freebsd/openssl31 < 3.1.0_2
pkg:freebsd/openssl30 < 3.0.8_2
pkg:freebsd/openssl-quic < 3.0.8_2
pkg:freebsd/openssl < 1.1.1t,1_2
Source # ID Name URL
FreeBSD VuXML https://www.openssl.org/news/secadv/20230328.txt
Type  Package URL  Name / Product  Version
Affected pkg:freebsd/openssl31 openssl31 < 3.1.0_2
Affected pkg:freebsd/openssl30 openssl30 < 3.0.8_2
Affected pkg:freebsd/openssl-quic openssl-quic < 3.0.8_2
Affected pkg:freebsd/openssl openssl < 1.1.1t,1_2