{ "document": { "aggregate_severity": { "text": "High" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos7els/vex/2023/cve-2023-0286-els_os-centos7els.json" } ], "title": "Security update on CVE-2023-0286", "tracking": { "current_release_date": "2025-12-23T20:55:41Z", "generator": { "date": "2025-12-23T20:55:41Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2023-0286-ELS_OS-CENTOS7ELS", "initial_release_date": "2023-02-08T20:15:00Z", "revision_history": [ { "date": "2023-02-08T20:15:00Z", "number": "1", "summary": "Initial version" }, { "date": "2025-10-16T19:30:40Z", "number": "2", "summary": "Official Publication" }, { "date": "2025-11-29T10:54:02Z", "number": "3", "summary": "Update document" }, { "date": "2025-12-23T20:55:41Z", "number": "4", "summary": "Update document" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 7", "product": { "name": "Community Enterprise Operating System 7", "product_id": "CentOS-7", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els1?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els2?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els3?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els4?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els5?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els3?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els4?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els5?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els3?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els4?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els5?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-perl@1.0.2k-26.el7_9.tuxcare.els3?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-perl@1.0.2k-26.el7_9.tuxcare.els4?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-perl@1.0.2k-26.el7_9.tuxcare.els5?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-perl@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els3?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els4?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els5?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els3?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els4?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els5?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els3?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els4?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els5?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els3?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els4?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els5?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "TuxCare" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-devel@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-libs@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-perl@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-static@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-devel@1.0.2k-26.el7_9?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-libs@1.0.2k-26.el7_9?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/openssl-static@1.0.2k-26.el7_9?arch=i686&epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat, Inc." } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.i686 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "CentOS-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0286", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type ('Type Confusion')" }, "notes": [ { "category": "description", "text": "There is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING.\n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" ], "known_affected": [ "CentOS-7:openssl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-0286" }, { "category": "external", "summary": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt", "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt" }, { "category": "external", "summary": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig", "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202402-08", "url": "https://security.gentoo.org/glsa/202402-08" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20230207.txt", "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "category": "external", "summary": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" } ], "release_date": "2023-02-08T20:15:00Z", "remediations": [ { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:openssl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els1.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els2.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els3.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els4.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els5.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "CentOS-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }