[Debian] CVE: CVE-2022-47629/CVE-2022-3515: libksba : integer overflow vulnerability.
Bug #2002277 reported by Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
StarlingX | Fix Released | Critical | Zhixiong Chi |
Bug Description
CVE-2022-47629: https:/
CVE-2022-3515: https:/
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
Score:
cve_id | status | cvss3Score | av | ac | pr | ui | ai
---|---|---|---|---|---|---|---
CVE-2022-47629 | fixed | 9.8 | N | L | N | N | H
CVE-2022-3515 | fixed | 9.8 | N | L | N | N | H
References:
https:/
https:/
['libksba8_
Found during December 2022 CVE scan using vulscan
CVE References
information type: | Public → Public Security |
Changed in starlingx: | |
importance: | Undecided → Critical |
status: | New → Triaged |
assignee: | nobody → Zhixiong Chi (zhixiongchi) |
tags: | added: stx.8.0 stx.security |
Changed in starlingx: | |
status: | Triaged → In Progress |
summary: |
- [Debian] CVE: CVE-2022-47629: libksba : integer overflow vulnerability. + [Debian] CVE: CVE-2022-47629/CVE-2022-3515: libksba : integer overflow + vulnerability. |
description: | updated |
Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/869890