Tavis Ormandy discovered that OpenSSL incorrectly parsed certain
certificates. A remote attacker could possibly use this issue to cause
OpenSSH to stop responding, resulting in a denial of service.

References

ubuntu.com/security/CVE-2022-0778

ubuntu.com/security/notices/USN-5328-2

nessus 69

oraclelinux 11

redhat 12

aix 1

altlinux 4

github 1

osv 13

ibm 21

redos 1

prion 1

openvas 27

githubexploit 2

amazon 2

ics 1

fedora 3

attackerkb 1

cnvd 1

freebsd_advisory 1

nvd 1

fortinet 2

redhatcve 1

ubuntu 1

freebsd 1

rustsec 1

f5 1

arista 1

cisa 1

mariadbunix 1

nodejsblog 1

cbl_mariner 3

debiancve 1

slackware 1

cloudfoundry 1

rocky 1

hivepro 1

checkpoint_advisories 1

ubuntucve 1

alpinelinux 1

cve 1

openssl 1

cloudlinux 1

debian 1

centos 1

nessus

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2022:0859-1)

2022-03-16 00:00:00

SUSE SLES12 Security Update : openssl (SUSE-SU-2022:0854-1)

2022-03-16 00:00:00

Debian DLA-2953-1 : openssl1.0 - LTS security update

2022-03-17 00:00:00

oraclelinux

openssl security update

2022-03-21 00:00:00

openssl security update

2022-03-29 00:00:00

openssl security update

2022-03-30 00:00:00

redhat

(RHSA-2022:1078) Important: openssl security update

2022-03-28 09:39:25

(RHSA-2022:1071) Important: openssl security update

2022-03-28 08:50:25

(RHSA-2022:1077) Important: openssl security update

2022-03-28 09:36:52

aix

AIX is vulnerable to a denial of service due to OpenSSL

2022-05-13 09:32:08

altlinux

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1n-alt1

2022-03-18 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1n-alt1

2022-03-24 00:00:00

Security fix for the ALT Linux 10 package mysql-connector-odbc version 8.0.29-alt1

2022-07-06 00:00:00

github

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-16 00:00:45

osv

CVE-2022-0778

2022-03-15 17:15:08

BIT-mariadb-2022-0778

2024-03-06 11:03:29

Low: compat-openssl10 security update

2022-06-30 00:00:00

ibm

Security Bulletin: Vulnerability in OpenSSL affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

2023-03-29 01:48:02

Security Bulletin: Vulnerability in OpenSSL affects IBM Event Streams (CVE-2022-0778)

2022-07-12 15:10:30

Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service, due to OpenSSL (CVE-2022-0778)

2022-06-10 16:27:32

redos

ROS-20220318-02

2022-03-18 00:00:00

prion

Code injection

2022-03-15 17:15:00

openvas

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1176)

2023-01-12 00:00:00

Fedora: Security Advisory for openssl1.1 (FEDORA-2022-8bb51f6901)

2022-04-05 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:14916-1)

2022-03-16 00:00:00

githubexploit

Exploit for Infinite Loop in Openssl

2023-10-30 09:52:21

Exploit for Infinite Loop in Openssl

2022-04-21 04:04:27

amazon

Important: openssl

2022-03-15 18:54:00

Important: openssl, openssl11

2022-03-15 18:49:00

ics

Siemens OpenSSL Affected Industrial Products (Update E)

2023-01-13 12:00:00

fedora

[SECURITY] Fedora 34 Update: openssl-1.1.1n-1.fc34

2022-04-03 01:08:23

[SECURITY] Fedora 36 Update: openssl1.1-1.1.1n-1.fc36

2022-04-05 00:17:58

[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35

2022-03-22 03:44:53

attackerkb

CVE-2022-0778

2022-03-15 00:00:00

cnvd

OpenSSL has a denial of service vulnerability

2022-08-29 00:00:00

freebsd_advisory

FreeBSD-SA-22:03.openssl

2022-03-15 00:00:00

nvd

CVE-2022-0778

2022-03-15 17:15:08

fortinet

Vulnerability in OpenSSL library

2021-08-18 00:00:00

Protect

2022-04-01 00:00:00

redhatcve

CVE-2022-0778

2022-03-15 17:45:49

ubuntu

OpenSSL vulnerability

2022-03-15 00:00:00

freebsd

OpenSSL -- Infinite loop in BN_mod_sqrt parsing certificates

2022-03-15 00:00:00

rustsec

Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-15 12:00:00

K31323265 : OpenSSL vulnerability CVE-2022-0778

2022-03-22 00:00:00

arista

Security Advisory 0075

2022-04-26 00:00:00

cisa

OpenSSL Releases Security Updates

2022-03-17 00:00:00

mariadbunix

CVE-2022-0778

2022-03-15 17:15:08

nodejsblog

OpenSSL security releases require Node.js security releases

2022-03-18 00:00:00

cbl_mariner

CVE-2022-0778 affecting package openssl 1.1.1k-16

2022-03-19 16:40:53

CVE-2022-0778 affecting package openssl for versions less than 1.1.1k-12

2022-04-09 06:51:56

CVE-2022-0778 affecting package edk2 for versions less than 20240223gitedc6681206c1-1

2024-07-22 23:01:50

debiancve

CVE-2022-0778

2022-03-15 17:15:08

slackware

[slackware-security] openssl

2022-03-17 19:59:07

cloudfoundry

USN-5328-1: OpenSSL vulnerability | Cloud Foundry

2022-05-23 00:00:00

rocky

compat-openssl11 security and bug fix update

2022-06-02 21:13:31

hivepro

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

2022-03-17 14:17:00

checkpoint_advisories

OpenSSL Denial of Service (CVE-2022-0778)

2022-03-27 00:00:00

ubuntucve

CVE-2022-0778

2022-03-15 00:00:00

alpinelinux

CVE-2022-0778

2022-03-15 17:15:08

cve

CVE-2022-0778

2022-03-15 17:15:08

openssl

Vulnerability in OpenSSL - Infinite loop in BN_mod_sqrt() reachable when parsing certificates

2022-03-15 00:00:00

cloudlinux

Fix of CVE: CVE-2022-0778

2022-03-17 20:51:13

debian

[SECURITY] [DLA 2953-1] openssl1.0 security update

2022-03-17 09:50:32

centos

openssl security update

2022-03-29 13:36:31

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.8

Confidence

High

EPSS

0.015

Percentile

87.3%

JSON

Related for OSV:USN-5328-2