David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)

Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)

References

ubuntu.com/security/CVE-2023-0215

ubuntu.com/security/CVE-2023-0286

ubuntu.com/security/notices/USN-5845-1

ubuntu 2

cloudlinux 1

nessus 64

osv 6

openvas 34

cloudfoundry 1

ibm 25

amazon 3

redhat 10

altlinux 2

oraclelinux 12

freebsd 2

freebsd_advisory 1

ics 3

almalinux 2

fedora 2

rocky 1

slackware 1

openssl 2

redhatcve 1

f5 2

cvelist 2

cbl_mariner 10

nvd 1

cgr 1

centos 1

veracode 1

debian 1

hivepro 1

prion 1

wolfi 1

ubuntucve 1

githubexploit 1

ubuntu

OpenSSL vulnerabilities

2023-02-07 00:00:00

OpenSSL vulnerabilities

2023-02-07 00:00:00

cloudlinux

openssl: Fix of 2 CVEs

2023-02-10 10:39:56

nessus

EulerOS 2.0 SP5 : openssl (EulerOS-SA-2023-2161)

2023-06-09 00:00:00

Ubuntu 18.04 LTS : OpenSSL vulnerabilities (USN-5845-1)

2023-02-07 00:00:00

Ubuntu 16.04 ESM : OpenSSL vulnerabilities (USN-5845-2)

2023-02-07 00:00:00

osv

openssl vulnerabilities

2023-02-07 20:06:40

Important: edk2 security update

2023-05-16 00:00:00

Important: openssl security update

2023-03-22 00:00:00

openvas

Ubuntu: Security Advisory (USN-5845-1)

2023-02-08 00:00:00

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2161)

2023-06-09 00:00:00

Ubuntu: Security Advisory (USN-5845-2)

2023-02-08 00:00:00

cloudfoundry

USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry

2023-02-24 00:00:00

ibm

Security Bulletin: Vulnerabilites in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)

2023-03-23 14:47:43

Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in OpenSSL

2023-05-02 15:23:43

Security Bulletin: IBM MQ for HP NonStop Server is affected by multiple OpenSSL vulnerabilities

2023-03-07 16:55:34

amazon

Important: openssl

2023-02-03 23:39:00

Important: openssl

2023-02-03 19:19:00

Important: openssl11

2023-02-03 19:19:00

redhat

(RHSA-2023:4128) Important: edk2 security update

2023-07-18 07:19:33

(RHSA-2023:3420) Important: Red Hat JBoss Web Server 5.7.3 release and security update

2023-06-05 13:52:35

(RHSA-2023:1405) Important: openssl security update

2023-03-22 10:18:26

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1

2023-02-20 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1t-alt1

2023-02-10 00:00:00

oraclelinux

edk2 security update

2023-05-24 00:00:00

edk2 security update

2023-12-07 00:00:00

edk2 security update

2023-12-06 00:00:00

freebsd

FreeBSD -- Multiple vulnerabilities in OpenSSL

2023-02-16 00:00:00

py-cryptography -- includes a vulnerable copy of OpenSSL

2023-02-08 00:00:00

freebsd_advisory

FreeBSD-SA-23:03.openssl

2023-02-16 00:00:00

ics

Siemens SCALANCE W1750D Devices

2023-03-16 12:00:00

Hitachi Energy Lumada APM Edge

2023-09-12 12:00:00

Siemens Address Processing in SIMATIC

2023-08-10 12:00:00

almalinux

Important: openssl security update

2023-03-22 00:00:00

Important: edk2 security update

2023-05-16 00:00:00

fedora

[SECURITY] Fedora 36 Update: edk2-20221117gitfff6d81270b5-14.fc36

2023-03-05 00:54:06

[SECURITY] Fedora 37 Update: edk2-20221117gitfff6d81270b5-13.fc37

2023-02-16 02:06:48

rocky

openssl security update

2023-03-28 13:07:30

slackware

[slackware-security] openssl

2023-02-07 20:57:57

openssl

Vulnerability in OpenSSL CVE-2023-0215

2023-02-07 00:00:00

Vulnerability in OpenSSL CVE-2023-0286

2023-02-07 00:00:00

redhatcve

CVE-2023-0215

2023-02-07 17:28:22

K000132946 : OpenSSL vulnerability CVE-2023-0215

2023-03-13 00:00:00

K000132941 : OpenSSL vulnerability CVE-2023-0286

2023-03-13 00:00:00

cvelist

CVE-2023-0215 Use-after-free following BIO_new_NDEF

2023-02-08 19:03:28

CVE-2023-0286 X.400 address type confusion in X.509 GeneralName

2023-02-08 19:01:50

cbl_mariner

CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2

2024-06-06 19:53:22

CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2

2024-06-18 09:08:13

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2

2024-06-18 09:08:13

nvd

CVE-2023-0286

2023-02-08 20:15:24

cgr

CVE-2023-0286 vulnerabilities

2024-05-19 03:07:16

centos

openssl security update

2023-03-22 14:01:44

veracode

Type Confusion

2023-02-09 20:56:17

debian

[SECURITY] [DLA 3325-1] openssl security update

2023-02-20 11:11:21

hivepro

OpenSSL Releases Update to Address Several High-Severity Vulnerabilities

2023-02-10 12:55:54

prion

Type confusion

2023-02-08 20:15:00

wolfi

CVE-2023-0286 vulnerabilities

2024-06-18 09:08:19

ubuntucve

CVE-2023-0215

2023-02-07 00:00:00

githubexploit

Exploit for Use After Free in Openssl

2023-04-18 12:07:40

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.5%

JSON

Related for OSV:USN-5845-1