Lucene search
GoogleOSV:USN-5402-1HistoryMay 04, 2022 - 1:21 p.m.
openssl, openssl1.0 vulnerabilities
2022-05-0413:21:13
Google
osv.dev
5
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)
Raul Metsma discovered that OpenSSL incorrectly verified certain response
signing certificates. A remote attacker could possibly use this issue to
spoof certain response signing certificates. This issue only affected
Ubuntu 22.04 LTS. (CVE-2022-1343)
Tom Colley discovered that OpenSSL used the incorrect MAC key in the
RC4-MD5 ciphersuite. In non-default configurations were RC4-MD5 is enabled,
a remote attacker could possibly use this issue to modify encrypted
communications. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1434)
Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)
Related
nessus
nessus
FreeBSD : OpenSSL -- Multiple vulnerabilities (fceb2b08-cb76-11ec-a06f-d4c9ef517024)
2022-05-04 00:00:00
Amazon Linux 2022 : openssl (ALAS2022-2022-104)
2022-09-07 00:00:00
ics
ics
Siemens Brownfield Connectivity Client
2023-02-16 12:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2022-05-04 00:00:00
OpenSSL vulnerabilities
2022-05-26 00:00:00
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities
2022-05-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5402-1)
2022-05-05 00:00:00
OpenSSL: Multiple Vulnerabilities (May 2022) - Linux
2022-05-04 00:00:00
OpenSSL: Multiple Vulnerabilities (May 2022) - Windows
2022-05-04 00:00:00
ibm
ibm
cloudfoundry
cloudfoundry
USN-5402-1: OpenSSL vulnerabilities | Cloud Foundry
2022-07-29 00:00:00
redos
redos
ROS-20220524-01
2022-05-24 00:00:00
nodejsblog
nodejsblog
OpenSSL update assessment, and Node.js project plans
2022-05-05 00:00:00
suse
suse
Security update for openssl-3 (important)
2022-07-06 00:00:00
osv
osv
openssl vulnerabilities
2022-05-26 13:34:08
Moderate: openssl security and bug fix update
2022-08-30 00:00:00
Incorrect MAC key used in the RC4-MD5 ciphersuite
2022-05-03 12:00:00
redhat
redhat
(RHSA-2022:6224) Moderate: openssl security and bug fix update
2022-08-30 15:46:32
oraclelinux
oraclelinux
openssl security update
2022-08-31 00:00:00
openssl security and bug fix update
2022-08-30 00:00:00
almalinux
almalinux
Moderate: openssl security and bug fix update
2022-08-30 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-4.0-0185
2022-05-18 00:00:00
Critical Photon OS Security Update - PHSA-2022-0185
2022-05-18 00:00:00
debiancve
debiancve
veracode
veracode
Man-in-the-Middle (MitM)
2022-05-13 10:37:10
Insecure Certificate Validation
2022-05-12 21:28:54
Denial Of Service (DoS)
2022-05-13 08:43:12
redhatcve
redhatcve
nvd
nvd
f5
f5
K09413574 : OpenSSL vulnerability CVE-2022-1434
2022-05-27 00:00:00
K00053434 : OPENSSL_LH_flush() function vulnerability CVE-2022-1473
2022-05-28 00:00:00
K00334558 : OpenSSL vulnerability CVE-2022-1473
2022-06-02 00:00:00
alpinelinux
alpinelinux
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2022-05-03 16:15:00
Design/Logic Flaw
2022-05-03 16:15:00
Design/Logic Flaw
2022-05-03 16:15:00
openssl
openssl
Vulnerability in OpenSSL CVE-2022-1473
2022-05-03 00:00:00
Vulnerability in OpenSSL CVE-2022-1343
2022-05-03 00:00:00
Vulnerability in OpenSSL CVE-2022-1434
2022-05-03 00:00:00
rustsec
rustsec
Resource leakage when decoding certificates and keys
2022-05-03 12:00:00
Incorrect MAC key used in the RC4-MD5 ciphersuite
2022-05-03 12:00:00
`OCSP_basic_verify` may incorrectly verify the response signing certificate
2022-05-03 12:00:00
github
github
Incorrect MAC key used in the RC4-MD5 ciphersuite
2022-05-04 00:00:22
`OCSP_basic_verify` may incorrectly verify the response signing certificate
2022-05-04 00:00:23
Resource leakage when decoding certificates and keys
2022-05-04 00:00:22
cvelist
cvelist
CVE-2022-1343 OCSP_basic_verify may incorrectly verify the response signing certificate
2022-05-03 00:00:00
CVE-2022-1434 Incorrect MAC key used in the RC4-MD5 ciphersuite
2022-05-03 00:00:00
CVE-2022-1473 Resource leakage when decoding certificates and keys
2022-05-03 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: openssl-1.1.1o-1.fc35
2022-06-29 01:50:51
[SECURITY] Fedora 36 Update: openssl1.1-1.1.1o-1.fc36
2022-06-23 00:41:52
cbl_mariner
cbl_mariner
CVE-2022-1292 affecting package openssl 1.1.1k-9
2022-05-26 19:04:39
CVE-2022-1292 affecting package hvloader for versions less than 1.0.1-2
2024-06-21 09:32:44
CVE-2022-1292 affecting package openssl for versions less than 1.1.1k-15
2022-06-03 17:54:02
amazon
amazon
Medium: openssl11
2022-07-06 03:14:00
Medium: openssl
2022-06-30 23:38:00
Medium: openssl
2022-05-31 23:50:00
debian
debian
[SECURITY] [DSA 5139-1] openssl security update
2022-05-17 19:10:59
[SECURITY] [DLA 3008-1] openssl security update
2022-05-15 02:10:14
githubexploit
githubexploit
Exploit for OS Command Injection in Openssl
2022-09-01 07:00:00
Exploit for OS Command Injection in Openssl
2022-05-25 07:06:48
Exploit for OS Command Injection in Openssl
2022-07-26 11:33:10
slackware
slackware
[slackware-security] openssl
2022-05-04 21:32:34
mageia
mageia
Updated openssl packages fix security vulnerability
2022-05-12 13:24:45
checkpoint_advisories
checkpoint_advisories
OpenSSL c_rehash Script Command Injection (CVE-2022-1292)
2022-11-14 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068
2022-07-14 16:53:26
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1p-alt1
2022-06-22 00:00:00
broadcom
broadcom