Lucene search
Veracode Vulnerability DatabaseVERACODE:38785HistoryJan 06, 2023 - 8:19 a.m.
Improper Locking
2023-01-0608:19:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
47
openssl
denial of service
x.509
certificate
policy constraint
policy processing
write lock
operating systems
EPSS
0.001
Percentile
46.3%
openssl is vulnerable to denial of service (DoS) attacks. When an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems this results in a denial of service when the affected process hangs.
Related
nessus
nessus
Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-095)
2023-03-21 00:00:00
Photon OS 4.0: Openssl PHSA-2023-4.0-0308
2024-07-23 00:00:00
SUSE SLED15 / SLES15 Security Update : openssl-3 (SUSE-SU-2022:4586-1)
2022-12-21 00:00:00
osv
osv
libopenssl-3-devel-3.0.7-2.1 on GA media
2024-06-15 00:00:00
openssl-src subject to DoS by double-checked locking
2022-12-13 18:30:33
CGA-625w-vrp6-h2jj
2024-06-06 12:24:22
cgr
cgr
CVE-2022-3996 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2022-3996 vulnerabilities
2024-09-30 09:32:54
nodejsblog
nodejsblog
OpenSSL 3.0.7 update assessment
2022-12-16 00:00:00
openvas
openvas
OpenSSL: X.509 Policy Constraints Double Locking Vulnerability (Dec 2022) - Linux
2022-12-14 00:00:00
OpenSSL: X.509 Policy Constraints Double Locking Vulnerability (Dec 2022) - Windows
2022-12-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4586-1)
2022-12-21 00:00:00
redhatcve
redhatcve
CVE-2022-3996
2022-12-14 11:04:49
photon
photon
Important Photon OS Security Update - PHSA-2023-0308
2023-01-05 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0308
2023-01-05 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0415
2023-06-22 00:00:00
cbl_mariner
cbl_mariner
github
github
openssl-src subject to DoS by double-checked locking
2022-12-13 18:30:33
prion
prion
Design/Logic Flaw
2022-12-13 16:15:00
debiancve
debiancve
CVE-2022-3996
2022-12-13 16:15:22
cve
cve
CVE-2022-3996
2022-12-13 16:15:22
vulnrichment
vulnrichment
CVE-2022-3996 X.509 Policy Constraints Double Locking
2022-12-13 15:43:06
alpinelinux
alpinelinux
CVE-2022-3996
2022-12-13 16:15:22
ubuntucve
ubuntucve
CVE-2022-3996
2022-12-13 00:00:00
cvelist
cvelist
CVE-2022-3996 X.509 Policy Constraints Double Locking
2022-12-13 15:43:06
openssl
openssl
Vulnerability in OpenSSL - X.509 Policy Constraints Double Locking
2022-12-13 00:00:00
nvd
nvd
CVE-2022-3996
2022-12-13 16:15:22
cloudlinux
cloudlinux
openssl: Fix of 3 CVEs
2023-05-04 21:42:17
ubuntu
ubuntu
OpenSSL vulnerabilities
2023-04-25 00:00:00
cloudfoundry
cloudfoundry
USN-6039-1: OpenSSL vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
ibm
ibm
thn
thn
OpenSSL Fixes Multiple New Security Flaws with Latest Update
2023-02-09 09:51:00
aix
aix
Multiple vulnerabilities in OpenSSL affect AIX
2023-03-21 13:26:15
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00