Vulnerabilities > Openssl > Openssl > 3.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-3996 | Improper Locking vulnerability in Openssl If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. | 7.5 |
2022-11-01 | CVE-2022-3602 | Out-of-bounds Write vulnerability in multiple products A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. | 7.5 |
2022-11-01 | CVE-2022-3786 | Classic Buffer Overflow vulnerability in multiple products A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. | 7.5 |
2022-10-11 | CVE-2022-3358 | NULL Pointer Dereference vulnerability in Openssl OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. | 7.5 |