VulnerableCode Package Details - pkg:alpm/archlinux/openssl@1.1.1.o-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/openssl@1.1.1.o-1

Essentials
History (2)

purl	pkg:alpm/archlinux/openssl@1.1.1.o-1

Next non-vulnerable version	3.1.4-1
Latest non-vulnerable version	3.1.4-1
Risk	4.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-95ub-7a6n-afdg Aliases: CVE-2022-2068	openssl: the c_rehash script allows command injection	There are no reported fixed by versions.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-q2ae-5r8q-3fbv	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') The `c_rehash` script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the `c_rehash` script is considered obsolete and should be replaced by the OpenSSL `rehash` command line tool.	CVE-2022-1292

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:26:24.159289+00:00	Arch Linux Importer	Fixing	VCID-q2ae-5r8q-3fbv	https://security.archlinux.org/AVG-2702	38.0.0
2026-04-01T18:24:03.524773+00:00	Arch Linux Importer	Affected by	VCID-95ub-7a6n-afdg	https://security.archlinux.org/AVG-2765	38.0.0