Lucene search

MicrosoftMS:CVE-2022-3786

HistoryNov 02, 2022 - 7:00 a.m.

OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun

2022-11-0207:00:00

Microsoft

msrc.microsoft.com

openssl

x.509 certificate

buffer overrun

cve-2022-3786

microsoft

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%

JSON

Affected configurations

Vulners

Node

microsoftazure_kubernetes_serviceRange<2022.11.02

VendorProductVersionCPE
microsoftazure_kubernetes_service*cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	azure_kubernetes_service	*	cpe:2.3:a:microsoft:azure_kubernetes_service::::::::

msrc

Awareness and guidance related to OpenSSL 3.0 – 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)

2022-11-03 00:46:06

OpenSSL 3.0 ~ 3.0.6 のリスク (CVE-2022-3786 および CVE-2202-3602) に関する認識とガイダンス

2022-11-03 07:00:00

Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)

2022-11-02 07:00:00

mscve

OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun

2022-11-02 07:00:00

cve

CVE-2202-3602

2023-07-28 09:27:21

CVE-2022-3786

2022-11-01 18:15:11

cert

OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly

2022-11-01 00:00:00

openssl

Vulnerability in OpenSSL - X.509 Email Address Variable Length Buffer Overflow

2022-11-01 00:00:00

githubexploit

Exploit for Classic Buffer Overflow in Openssl

2022-12-13 16:43:01

Exploit for Out-of-bounds Write in Openssl

2022-10-30 23:32:56

Exploit for Out-of-bounds Write in Openssl

2022-11-02 09:29:04

osv

CVE-2022-3786

2022-11-01 18:15:11

BIT-node-2022-3786

2024-03-06 11:02:40

CGA-w4g4-gv95-ff96

2024-06-06 12:29:40

cnvd

OpenSSL Denial of Service Vulnerability (CNVD-2022-73349)

2022-11-03 00:00:00

debiancve

CVE-2022-3786

2022-11-01 18:15:11

wolfi

CVE-2022-3786 vulnerabilities

2024-09-30 09:32:54

alpinelinux

CVE-2022-3786

2022-11-01 18:15:11

veracode

Buffer Overflow

2022-11-01 19:44:02

cvelist

CVE-2022-3786 X.509 Email Address Variable Length Buffer Overflow

2022-11-01 00:00:00

nvd

CVE-2022-3786

2022-11-01 18:15:11

checkpoint_advisories

OpenSSL Buffer Overflow (CVE-2022-3786)

2022-11-03 00:00:00

OpenSSL Buffer Overflow (CVE-2022-3602; CVE-2022-3786)

2022-11-03 00:00:00

redhatcve

CVE-2022-3786

2022-11-01 16:26:08

github

X.509 Email Address Variable Length Buffer Overflow

2022-11-01 17:45:21

rustsec

X.509 Email Address Variable Length Buffer Overflow

2022-11-01 12:00:00

prion

Stack overflow

2022-11-01 18:15:00

cgr

CVE-2022-3786 vulnerabilities

2024-05-19 03:07:16

openvas

OpenSSL: Multiple Vulnerabilities (Nov 2022) - Linux

2022-10-28 00:00:00

OpenSSL: Multiple Vulnerabilities (Nov 2022) - Windows

2022-10-28 00:00:00

Tenable Nessus Network Monitor < 6.1.1 Multiple Vulnerabilities (TNS-2022-25)

2022-12-20 00:00:00

oraclelinux

openssl security update

2022-11-01 00:00:00

openssl security update

2022-11-17 00:00:00

openssl security update

2022-11-01 00:00:00

fedora

[SECURITY] Fedora 37 Update: openssl-3.0.5-3.fc37

2022-11-02 02:01:31

[SECURITY] Fedora 36 Update: openssl-3.0.5-2.fc36

2022-11-02 01:50:12

nessus

Photon OS 4.0: Openssl PHSA-2022-4.0-0272

2024-07-23 00:00:00

Oracle Linux 9 : openssl (ELSA-2022-7288)

2022-11-02 00:00:00

Fedora 36 : 1:openssl (2022-502f096dce)

2022-11-01 00:00:00

ibm

Security Bulletin: IBM Aspera faspio Gateway affected by OpenSSL vulnerabilities (CVE-2022-3602, CVE-2022-3786)

2023-02-02 16:40:59

Security Bulletin: OpenSSL vulnerabilities might impact IBM Cloud Application Business Insights - CVE-2022-3602 & CVE-2022-3786

2022-12-30 15:09:22

Security Bulletin: Vulnerabilities in OpenSSL may affect IBM Spectrum Protect Plus (CVE-2022-3602, CVE-2022-3786)

2023-05-30 17:46:44

rapid7blog

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

2022-11-01 16:38:53

Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)

2022-11-11 13:41:22

Year in Review: Rapid7 Vulnerability Management

2023-01-09 17:00:00

fortinet

Protect

2022-10-28 00:00:00

kaspersky

KLA20036 Multiple vulnerabilities in Microsoft Azure

2022-11-02 00:00:00

KLA20037 Multiple vulnerabilities in Microsoft Open Source Software

2022-11-02 00:00:00

amd

OpenSSL Vulnerabilities

2023-08-08 00:00:00

nvidia

Security Notice: NVIDIA Response to OpenSSL Vulnerabilities - November 2022

2022-11-01 00:00:00

intel

Intel® Software Products Advisory for OpenSSL Vulnerabilities (CVE-2022-3786 & CVE-2022-3602) Advisory

2023-02-02 00:00:00

hivepro

Patch available for pre-announced Critical Vulnerability in OpenSSL

2022-11-02 07:27:54

akamaiblog

An update on the impact of OpenSSL CVE-2022-3602 and CVE-2022-3786 on Akamai's systems

2022-11-07 10:00:00

ics

Siemens Products affected by OpenSSL 3.0

2022-12-15 12:00:00

Hitachi Energy PCU400

2023-01-19 12:00:00

Hitachi Energy Lumada Asset Performance Management

2023-01-05 12:00:00

photon

Important Photon OS Security Update - PHSA-2022-0272

2022-11-02 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0272

2022-11-02 00:00:00

Critical Photon OS Security Update - PHSA-2023-5.0-0011

2023-05-24 00:00:00

qualysblog

Qualys Research Alert: OpenSSL 3.0.7 – What You Need To Know

2022-10-31 14:15:52

OpenSSL Vulnerability Recap

2022-11-03 17:00:00

November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases Zero Advisories (for the first time in six years).

2022-11-08 21:00:00

redhat

(RHSA-2022:7384) Important: openssl-container security update

2022-11-02 18:29:10

(RHSA-2022:7288) Important: openssl security update

2022-11-01 18:25:07

(RHSA-2023:0786) Important: Network observability 1.1.0 security update

2023-02-15 11:39:53

wizblog

OpenSSL vulnerabilities: Everything you need to know

2022-10-29 04:11:46

gentoo

OpenSSL: Multiple Vulnerabilities

2022-11-01 00:00:00

Node.js: Multiple Vulnerabilities

2024-05-08 00:00:00

rocky

openssl security update

2022-11-01 18:25:07

OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602

2022-10-28 17:31:00

cisa

OpenSSL Releases Security Update

2022-11-01 00:00:00

freebsd

OpenSSL -- Buffer overflows in Email verification

2022-11-01 00:00:00

cisco

Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

2022-10-28 16:00:00

talosblog

Threat Advisory: High Severity OpenSSL Vulnerabilities

2022-11-01 19:03:49

arista

Security Advisory 0081

2022-11-01 00:00:00

ubuntucve

CVE-2022-3786

2022-11-01 00:00:00

almalinux

Important: openssl security update

2022-11-01 00:00:00

trellix

OpenSSL 3.0 Vulnerabilities: CVE 2022-3786 and CVE 2022-3602

2022-11-01 00:00:00

CVE-2023-0286: The OpenSSL Who Cried “Severity: High

2023-02-09 00:00:00

OpenSSL 3.0 Vulnerabilities: CVE 2022-3786 and CVE 2022-3602

2022-11-01 00:00:00

nodejsblog

Nov 3 2022 Security Releases

2022-11-01 00:00:00

aix

Multiple vulnerabilities in OpenSSL affect AIX

2023-01-24 09:22:21

ubuntu

OpenSSL vulnerabilities

2022-11-01 00:00:00

suse

Security update for openssl-3 (critical)

2022-11-01 00:00:00

thn

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

2022-11-01 16:26:00

oracle

Oracle Critical Patch Update Advisory - July 2024

2024-07-16 00:00:00

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%

JSON

OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun

Affected configurations

Related