Search for vulnerabilities
Vulnerability details: VCID-jhyx-3a27-aaae
Vulnerability ID VCID-jhyx-3a27-aaae
Aliases CVE-2022-3786
GHSA-h8jm-2x53-xhp5
VC-OPENSSL-20221101-CVE-2022-3786
Summary A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (6)
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-121 Stack-based Buffer Overflow
CWE-193 Off-by-one Error
System Score Found at
cvssv3.1 7.5 http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
generic_textual HIGH http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.00125 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.15138 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19266 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19765 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19765 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19765 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19765 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.19765 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.2552 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.2552 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.26305 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.26305 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
epss 0.54446 https://api.first.org/data/v1/epss?cve=CVE-2022-3786
cvssv3.1 5.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-h8jm-2x53-xhp5
cvssv3.1 7.5 https://github.com/alexcrichton/openssl-src-rs
generic_textual HIGH https://github.com/alexcrichton/openssl-src-rs
cvssv3.1 7.5 https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
generic_textual HIGH https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
cvssv3.1 7.5 https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
generic_textual HIGH https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
cvssv3.1 7.5 https://github.com/rustsec/advisory-db/pull/1452
generic_textual HIGH https://github.com/rustsec/advisory-db/pull/1452
cvssv3.1 7.5 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
generic_textual HIGH https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
cvssv3.1 7.5 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
generic_textual HIGH https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
ssvc Track https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-3786
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-3786
cvssv3.1 7.5 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
generic_textual HIGH https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
cvssv3.1 7.5 https://rustsec.org/advisories/RUSTSEC-2022-0065.html
generic_textual HIGH https://rustsec.org/advisories/RUSTSEC-2022-0065.html
cvssv3.1 7.5 https://security.gentoo.org/glsa/202211-01
generic_textual HIGH https://security.gentoo.org/glsa/202211-01
cvssv3.1 7.5 https://security.netapp.com/advisory/ntap-20221102-0001
generic_textual HIGH https://security.netapp.com/advisory/ntap-20221102-0001
cvssv3.1 7.5 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
generic_textual HIGH https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
cvssv3.1 7.5 https://www.kb.cert.org/vuls/id/794340
generic_textual HIGH https://www.kb.cert.org/vuls/id/794340
cvssv3.1 7.5 https://www.openssl.org/news/secadv/20221101.txt
generic_textual HIGH https://www.openssl.org/news/secadv/20221101.txt
ssvc Track https://www.openssl.org/news/secadv/20221101.txt
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/15
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/15
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/16
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/16
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/17
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/17
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/18
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/18
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/19
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/19
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/20
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/20
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/21
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/21
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/01/24
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/01/24
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/1
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/1
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/10
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/10
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/11
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/11
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/12
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/12
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/13
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/13
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/14
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/14
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/15
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/15
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/2
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/2
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/3
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/3
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/5
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/5
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/6
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/6
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/7
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/7
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/02/9
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/02/9
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/1
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/1
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/10
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/10
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/11
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/11
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/2
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/2
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/3
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/3
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/5
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/5
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/6
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/6
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/7
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/7
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2022/11/03/9
generic_textual HIGH http://www.openwall.com/lists/oss-security/2022/11/03/9
Reference id Reference type URL
http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json
https://api.first.org/data/v1/epss?cve=CVE-2022-3786
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/alexcrichton/openssl-src-rs
https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
https://github.com/openssl/openssl/commit/c42165b5706e42f67ef8ef4c351a9a4c5d21639a
https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
https://github.com/rustsec/advisory-db/pull/1452
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
https://rustsec.org/advisories/RUSTSEC-2022-0065.html
https://security.gentoo.org/glsa/202211-01
https://security.netapp.com/advisory/ntap-20221102-0001
https://security.netapp.com/advisory/ntap-20221102-0001/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
https://www.kb.cert.org/vuls/id/794340
https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
https://www.openssl.org/news/secadv/20221101.txt
http://www.openwall.com/lists/oss-security/2022/11/01/15
http://www.openwall.com/lists/oss-security/2022/11/01/16
http://www.openwall.com/lists/oss-security/2022/11/01/17
http://www.openwall.com/lists/oss-security/2022/11/01/18
http://www.openwall.com/lists/oss-security/2022/11/01/19
http://www.openwall.com/lists/oss-security/2022/11/01/20
http://www.openwall.com/lists/oss-security/2022/11/01/21
http://www.openwall.com/lists/oss-security/2022/11/01/24
http://www.openwall.com/lists/oss-security/2022/11/02/1
http://www.openwall.com/lists/oss-security/2022/11/02/10
http://www.openwall.com/lists/oss-security/2022/11/02/11
http://www.openwall.com/lists/oss-security/2022/11/02/12
http://www.openwall.com/lists/oss-security/2022/11/02/13
http://www.openwall.com/lists/oss-security/2022/11/02/14
http://www.openwall.com/lists/oss-security/2022/11/02/15
http://www.openwall.com/lists/oss-security/2022/11/02/2
http://www.openwall.com/lists/oss-security/2022/11/02/3
http://www.openwall.com/lists/oss-security/2022/11/02/5
http://www.openwall.com/lists/oss-security/2022/11/02/6
http://www.openwall.com/lists/oss-security/2022/11/02/7
http://www.openwall.com/lists/oss-security/2022/11/02/9
http://www.openwall.com/lists/oss-security/2022/11/03/1
http://www.openwall.com/lists/oss-security/2022/11/03/10
http://www.openwall.com/lists/oss-security/2022/11/03/11
http://www.openwall.com/lists/oss-security/2022/11/03/2
http://www.openwall.com/lists/oss-security/2022/11/03/3
http://www.openwall.com/lists/oss-security/2022/11/03/5
http://www.openwall.com/lists/oss-security/2022/11/03/6
http://www.openwall.com/lists/oss-security/2022/11/03/7
http://www.openwall.com/lists/oss-security/2022/11/03/9
1021620 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021620
2139104 https://bugzilla.redhat.com/show_bug.cgi?id=2139104
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
cpe:2.3:a:nodejs:node.js:18.12.0:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:18.12.0:*:*:*:lts:*:*:*
cpe:2.3:a:nodejs:node.js:19.0.0:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:19.0.0:*:*:*:-:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
CVE-2022-3786 https://nvd.nist.gov/vuln/detail/CVE-2022-3786
GHSA-h8jm-2x53-xhp5 https://github.com/advisories/GHSA-h8jm-2x53-xhp5
GLSA-202405-29 https://security.gentoo.org/glsa/202405-29
RHSA-2022:7288 https://access.redhat.com/errata/RHSA-2022:7288
RHSA-2022:7384 https://access.redhat.com/errata/RHSA-2022:7384
USN-5710-1 https://usn.ubuntu.com/5710-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/alexcrichton/openssl-src-rs
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/rustsec/advisory-db/pull/1452
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-3786
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-3786
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://rustsec.org/advisories/RUSTSEC-2022-0065.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202211-01
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20221102-0001
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.kb.cert.org/vuls/id/794340
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.openssl.org/news/secadv/20221101.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/ Found at https://www.openssl.org/news/secadv/20221101.txt
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/15
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/16
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/17
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/18
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/19
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/20
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/21
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/01/24
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/10
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/12
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/13
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/14
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/15
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/5
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/02/9
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/10
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/5
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/11/03/9
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.48005
EPSS Score 0.00125
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.