CVE-2022-37026

Опубликовано: 21 сент. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 9.8

Описание

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	released	1:24.3.4.5+dfsg-1
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	not-affected	1:22.2.7+dfsg-1ubuntu0.2
esm-infra/xenial	needs-triage
focal	released	1:22.2.7+dfsg-1ubuntu0.2
jammy	released	1:24.2.1+dfsg-1ubuntu0.1
kinetic	released	1:24.3.4.1+dfsg-1ubuntu0.1
lunar	released	1:24.3.4.5+dfsg-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 30%

0.00105

Низкий

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2022-37026

CVSS3: 9.4

redhat

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

CVE-2022-37026

CVSS3: 9.8

nvd

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

CVE-2022-37026

CVSS3: 9.8

debian

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before ...

SUSE-SU-2023:4109-1

suse-cvrf

больше 1 года назад

Security update for erlang

SUSE-SU-2023:3409-1

suse-cvrf

почти 2 года назад

Security update for erlang

EPSS

Процентиль: 30%

0.00105

Низкий

9.8 Critical

CVSS3

CVE-2022-37026

Описание

Пакет erlang

Ссылки на источники

Связанные уязвимости