[MS:CVE-2022-3786] OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun
Severity
High
Affected Packages
3
Fixed Packages
3
CVEs
1
OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun
Package | Fixed Version |
---|---|
pkg:generic/microsoft/vcpkg | |
pkg:generic/microsoft/Microsoft%20Azure%20Kubernetes%20Service | = 2022.11.02 |
pkg:generic/microsoft/Azure%20SDK%20for%20C%2B%2B |
- ID
- MS:CVE-2022-3786
- Severity
- high
- Severity from
- CVE-2022-3786
- URL
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3786
- Published
-
2022-11-02T07:00:00
(22 months ago) - Modified
-
2022-11-02T07:00:00
(22 months ago) - Rights
- The Microsoft Security Response Center (MSRC) Team
- Other Advisories
-
- ALPINE:CVE-2022-3786
- ALSA-2022:7288
- CISCO-SA-OPENSSL-W9SDCC2A
- ELSA-2022-10004
- ELSA-2022-7288
- ELSA-2022-9968
- FEDORA-2022-0f1d2e0537
- FEDORA-2022-502f096dce
- FREEBSD:0844671C-5A09-11ED-856E-D4C9EF517024
- GLSA-202211-01
- GLSA-202405-29
- RHSA-2022:7288
- RLSA-2022:7288
- RUSTSEC-2022-0065
- SECADV-20221101-1
- SUSE-SU-2022:3843-1
- SUSE-SU-2022:4586-1
- USN-5710-1
- VU:794340
Source | # ID | Name | URL |
---|---|---|---|
Vendor Fix | Release Notes - Microsoft Azure Kubernetes Service | https://github.com/Azure/AKS/issues/3299 | |
Vendor Fix | Release Notes - vcpkg | https://devblogs.microsoft.com/cppblog/fix-for-high-risk-openssl-security-vulnerabilities-announced-guidance-for-vcpkg-users/ | |
Vendor Fix | Release Notes - Azure SDK for C++ | https://devblogs.microsoft.com/cppblog/fix-for-high-risk-openssl-security-vulnerabilities-announced-guidance-for-vcpkg-users/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:generic/microsoft/vcpkg | microsoft | vcpkg | ||||
Fixed | pkg:generic/microsoft/vcpkg | microsoft | vcpkg | ||||
Affected | pkg:generic/microsoft/Microsoft%20Azure%20Kubernetes%20Service | microsoft | Microsoft Azure Kubernetes Service | ||||
Fixed | pkg:generic/microsoft/Microsoft%20Azure%20Kubernetes%20Service | microsoft | Microsoft Azure Kubernetes Service | = 2022.11.02 | |||
Affected | pkg:generic/microsoft/Azure%20SDK%20for%20C%2B%2B | microsoft | Azure SDK for C++ | ||||
Fixed | pkg:generic/microsoft/Azure%20SDK%20for%20C%2B%2B | microsoft | Azure SDK for C++ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |