Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:apk/alpine/openssl@3.0.7-r2?arch=aarch64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/openssl@3.0.7-r2?arch=aarch64&distroversion=v3.21&reponame=main
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-ncw4-3azc-1fb5 Denial of service by double-checked locking in openssl-src If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions. CVE-2022-3996
GHSA-vr8j-hgmm-jh9r

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-03T17:53:11.139251+00:00 Alpine Linux Importer Fixing VCID-ncw4-3azc-1fb5 https://secdb.alpinelinux.org/v3.21/main.json 38.1.0