Count: 14
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| GHSA-h8jm-2x53-xhp5 X.509 Email Address Variable Length Buffer Overflow | CVSS3: 7.5 | 31% Medium | about 3 years ago |
| CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | CVSS3: 7.5 | 31% Medium | about 3 years ago |
| CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | CVSS3: 7.5 | 31% Medium | about 3 years ago |
| CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | CVSS3: 7.5 | 31% Medium | about 3 years ago |
| CVE-2022-3786 A buffer overrun can be triggered in X.509 certificate verification, s ... | CVSS3: 7.5 | 31% Medium | about 3 years ago |
| CVE-2022-3786 OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun | | 31% Medium | about 3 years ago |
| BDU:2022-06609 Vulnerability in the X.509 certificate verification functionality of the OpenSSL library that allows an attacker to crash the application | CVSS3: 8.1 | 31% Medium | about 3 years ago |
| SUSE-SU-2022:4586-1 Security update for openssl-3 | | | almost 3 years ago |
| RLSA-2022:7288 Important: openssl security update | | | about 3 years ago |
| ELSA-2022-9968 ELSA-2022-9968: openssl security update (IMPORTANT) | | | about 3 years ago |
| ELSA-2022-7288 ELSA-2022-7288: openssl security update (IMPORTANT) | | | about 3 years ago |
| ELSA-2022-10004 ELSA-2022-10004: openssl security update (IMPORTANT) | | | almost 3 years ago |
| CVE-2022-3602 OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun | | 86% High | about 3 years ago |
| SUSE-SU-2022:3843-1 Security update for openssl-3 | | | about 3 years ago |