Lucene search

GoogleOSV:USN-5488-1

HistoryJun 21, 2022 - 2:36 p.m.

openssl, openssl1.0 vulnerability

2022-06-2114:36:21

Google

osv.dev

7.2 High

AI Score

Confidence

Low

0.093 Low

EPSS

Percentile

94.7%

JSON

Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the
c_rehash script. A local attacker could possibly use this issue to execute
arbitrary commands when c_rehash is run.

References

ubuntu.com/security/CVE-2022-2068

ubuntu.com/security/notices/USN-5488-1

openvas

Ubuntu: Security Advisory (USN-5488-1)

2022-06-22 00:00:00

Mageia: Security Advisory (MGASA-2022-0246)

2022-07-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:2180-1)

2022-06-27 00:00:00

osv

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

heap buffer overflow in OpenSSL version 3.0.4

2022-06-28 02:20:38

openssl - security update

2022-06-26 00:00:00

ubuntu

OpenSSL vulnerability

2022-07-06 00:00:00

OpenSSL vulnerability

2022-06-21 00:00:00

Node.js vulnerabilities

2023-10-30 00:00:00

ibm

Security Bulletin: IBM Aspera Orchestrator affected by OpenSSL vulnerability (CVE-2022-2068)

2023-02-02 17:25:41

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary command execution in OpenSSL (CVE-2022-2068)

2023-02-01 15:38:14

Security Bulletin: IBM Sterling Connect:Direct for UNIX Container is vulnerable to execute arbitrary commands due to OpenSSL (CVE-2022-2068)

2022-09-14 14:09:15

altlinux

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1q-alt1

2022-07-08 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1q-alt1

2022-07-05 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1p-alt1

2022-06-22 00:00:00

veracode

Command Injection

2022-06-22 12:42:34

nodejsblog

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

OpenSSL update assessment, and Node.js project plans

2022-06-21 00:00:00

ics

Mitsubishi Electric GT SoftGOT2000

2022-11-15 12:00:00

debian

[SECURITY] [DSA 5169-1] openssl security update

2022-06-26 18:26:57

rocky

openssl security and bug fix update

2023-01-26 21:50:01

openssl security update

2022-08-02 07:00:02

cbl_mariner

CVE-2022-2068 affecting package openssl for versions less than 1.1.1k-17

2022-07-01 21:02:21

CVE-2022-2068 affecting package openssl 1.1.1k-16

2022-07-14 20:59:56

fedora

[SECURITY] Fedora 36 Update: openssl1.1-1.1.1p-1.fc36

2022-07-06 01:38:37

[SECURITY] Fedora 35 Update: openssl-1.1.1q-1.fc35

2022-07-23 02:27:30

photon

Moderate Photon OS Security Update - PHSA-2022-0408

2022-06-22 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0408

2022-06-22 00:00:00

Moderate Photon OS Security Update - PHSA-2022-0490

2022-06-23 00:00:00

cloudfoundry

USN-5488-1: OpenSSL vulnerability | Cloud Foundry

2022-07-28 00:00:00

freebsd

OpenSSL -- Command injection vulnerability

2022-06-21 00:00:00

mageia

Updated openssl packages fix security vulnerability

2022-07-01 00:31:09

redhat

(RHSA-2022:8913) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:28:19

(RHSA-2022:8917) Moderate: Red Hat JBoss Web Server 5.7.1 release and security update

2022-12-12 12:20:51

(RHSA-2022:5818) Moderate: openssl security update

2022-08-02 07:00:02

broadcom

openssl file names of certificates being hashed were possibly passed to a command executed through the shell

2023-08-01 00:00:00

nvd

CVE-2022-2068

2022-06-21 15:15:09

nessus

SUSE SLES12 Security Update : openssl (SUSE-SU-2022:2181-1)

2022-06-27 00:00:00

SUSE SLES15 Security Update : openssl (SUSE-SU-2022:2179-1)

2022-06-25 00:00:00

Amazon Linux 2 : openssl (ALAS-2022-1831)

2022-08-08 00:00:00

amazon

Medium: openssl

2022-07-28 21:55:00

Medium: openssl11

2022-07-28 21:55:00

Medium: openssl

2022-07-28 20:38:00

openssl

Vulnerability in OpenSSL CVE-2022-2068

2022-06-21 00:00:00

suse

Security update for openssl-1_0_0 (moderate)

2022-07-07 00:00:00

Security update for openssl-1_1 (moderate)

2022-07-04 00:00:00

Security update for openssl-1_1 (moderate)

2022-09-01 00:00:00

cvelist

CVE-2022-2068 The c_rehash script allows command injection

2022-06-21 00:00:00

debiancve

CVE-2022-2068

2022-06-21 15:15:09

prion

Command injection

2022-06-21 15:15:00

redhatcve

CVE-2022-2068

2022-06-22 06:36:12

K21600298 : OpenSSL vulnerabilities CVE-2022-1292 and CVE-2022-2068

2022-08-05 00:00:00

cve

CVE-2022-2068

2022-06-21 15:15:09

cloudlinux

Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068

2022-07-14 16:53:26

ubuntucve

CVE-2022-2068

2022-06-21 00:00:00

slackware

[slackware-security] openssl

2022-06-23 05:32:23

[slackware-security] Slackware 14.2 openssl

2022-06-28 19:28:45

alpinelinux

CVE-2022-2068

2022-06-21 15:15:09

oraclelinux

openssl security update

2022-08-05 00:00:00

openssl security update

2022-08-02 00:00:00

openssl security and bug fix update

2022-08-30 00:00:00

almalinux

Moderate: openssl security update

2022-08-03 00:00:00

Moderate: openssl security and bug fix update

2022-08-30 00:00:00

aix

AIX is vulnerable to arbitrary command execution due to OpenSSL

2022-08-17 16:39:03

thn

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

2023-01-18 05:56:00

7.2 High

AI Score

Confidence

Low

0.093 Low

EPSS

Percentile

94.7%

JSON

openssl, openssl1.0 vulnerability

References

Related