Action not permitted
Modal body text goes here.
Modal Title
Modal Body
usn-7018-1
Vulnerability from osv_ubuntu
Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. (CVE-2020-1968)
Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23840)
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-1292)
Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-2068)
It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3446)
Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2020-1968",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-23840",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-1292",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-2068",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-3446",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-0727",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
}
],
"aliases": [],
"details": "Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky\ndiscovered that certain Diffie-Hellman ciphersuites in the TLS\nspecification and implemented by OpenSSL contained a flaw. A remote\nattacker could possibly use this issue to eavesdrop on encrypted\ncommunications. This was fixed in this update by removing the insecure\nciphersuites from OpenSSL. (CVE-2020-1968)\n\nPaul Kehrer discovered that OpenSSL incorrectly handled certain input\nlengths in EVP functions. A remote attacker could possibly use this issue\nto cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2021-23840)\n\nElison Niven discovered that OpenSSL incorrectly handled the c_rehash\nscript. A local attacker could possibly use this issue to execute arbitrary\ncommands when c_rehash is run. (CVE-2022-1292)\n\nChancen and Daniel Fiala discovered that OpenSSL incorrectly handled the\nc_rehash script. A local attacker could possibly use this issue to execute\narbitrary commands when c_rehash is run. (CVE-2022-2068)\n\nIt was discovered that OpenSSL incorrectly handled excessively large\nDiffie-Hellman parameters. An attacker could possibly use this issue\nto cause a denial of service. (CVE-2023-3446)\n\nBahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed\nPKCS12 files. A remote attacker could possibly use this issue to cause\nOpenSSL to crash, resulting in a denial of service. (CVE-2024-0727)\n",
"id": "USN-7018-1",
"modified": "2026-06-29T10:53:17Z",
"published": "2024-09-18T00:38:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2020-1968"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-23840"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-1292"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-2068"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2023-3446"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-0727"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "openssl vulnerabilities",
"upstream": [
"UBUNTU-CVE-2020-1968",
"UBUNTU-CVE-2021-23840",
"UBUNTU-CVE-2022-1292",
"UBUNTU-CVE-2022-2068",
"UBUNTU-CVE-2023-3446",
"UBUNTU-CVE-2024-0727"
]
}
ubuntu-cve-2020-1968
Vulnerability from osv_ubuntu
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.17"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.17?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1",
"0~20160408.ffea0a2c-2ubuntu0.2+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.17.1"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.17.1"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.17.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.17.1?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.17.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.4"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.4?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3"
]
}
],
"aliases": [],
"details": "The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).",
"id": "UBUNTU-CVE-2020-1968",
"modified": "2026-04-27T14:13:07Z",
"published": "2020-09-09T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2020-1968"
},
{
"type": "REPORT",
"url": "https://www.openssl.org/news/secadv/20200909.txt"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-4504-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1968"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
}
],
"related": [
"USN-4504-1",
"USN-7018-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2020-1968"
]
}
ubuntu-cve-2021-23840
Vulnerability from osv_ubuntu
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.19"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.19?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.19"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16",
"1.0.2g-1ubuntu4.17",
"1.0.2g-1ubuntu4.18"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1",
"0~20160408.ffea0a2c-2ubuntu0.2+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.19.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.19.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.19.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.19.3?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.19.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1",
"1.0.2g-1ubuntu4.fips.4.17.1",
"1.0.2g-1ubuntu4.fips.4.18.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.1~18.04.8"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.1~18.04.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.8?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.1~18.04.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu13",
"1.0.2g-1ubuntu14",
"1.0.2n-1ubuntu1",
"1.1.0g-2ubuntu1",
"1.1.0g-2ubuntu2",
"1.1.0g-2ubuntu3",
"1.1.0g-2ubuntu4",
"1.1.0g-2ubuntu4.1",
"1.1.0g-2ubuntu4.3",
"1.1.1-1ubuntu2.1~18.04.1",
"1.1.1-1ubuntu2.1~18.04.2",
"1.1.1-1ubuntu2.1~18.04.3",
"1.1.1-1ubuntu2.1~18.04.4",
"1.1.1-1ubuntu2.1~18.04.5",
"1.1.1-1ubuntu2.1~18.04.6",
"1.1.1-1ubuntu2.1~18.04.7"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.6"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.6"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.6?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3",
"1.0.2n-1ubuntu5.4",
"1.0.2n-1ubuntu5.5"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.3+esm2?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20170911.5dfba97c-1",
"0~20171010.234dbcef-1",
"0~20171027.76fd5a66-1",
"0~20171205.a9212288-1",
"0~20180105.0bc94c74-1",
"0~20180205.c0d9813c-1",
"0~20180205.c0d9813c-2",
"0~20180205.c0d9813c-2ubuntu0.1",
"0~20180205.c0d9813c-2ubuntu0.2",
"0~20180205.c0d9813c-2ubuntu0.3",
"0~20180205.c0d9813c-2ubuntu0.3+esm1",
"0~20180205.c0d9813c-2ubuntu0.3+esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.9.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.9.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.9.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.9.1?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.fips.2.1~18.04.9.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.5.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.6.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.7.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.3.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.3"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.3"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20191122.bd85bf54-2ubuntu3.3?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0~20191122.bd85bf54-2ubuntu3.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20190606.20d2e5a1-2ubuntu1",
"0~20190828.37eef910-3",
"0~20190828.37eef910-4",
"0~20191122.bd85bf54-1",
"0~20191122.bd85bf54-1ubuntu1",
"0~20191122.bd85bf54-2",
"0~20191122.bd85bf54-2ubuntu1",
"0~20191122.bd85bf54-2ubuntu2",
"0~20191122.bd85bf54-2ubuntu3",
"0~20191122.bd85bf54-2ubuntu3.1",
"0~20191122.bd85bf54-2ubuntu3.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.2?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1c-1ubuntu4",
"1.1.1d-2ubuntu3",
"1.1.1d-2ubuntu6",
"1.1.1f-1ubuntu1",
"1.1.1f-1ubuntu2",
"1.1.1f-1ubuntu2.1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.7.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.7.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.7.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.2?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.7.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.7"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.2.8"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.2.8"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.2.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.2.8?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.2.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": []
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libnode72",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
},
{
"binary_name": "nodejs",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "nodejs",
"purl": "pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.6+esm2?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"12.22.5~dfsg-5ubuntu1",
"12.22.7~dfsg-2ubuntu1",
"12.22.7~dfsg-2ubuntu3",
"12.22.9~dfsg-1ubuntu2",
"12.22.9~dfsg-1ubuntu3",
"12.22.9~dfsg-1ubuntu3.1",
"12.22.9~dfsg-1ubuntu3.2",
"12.22.9~dfsg-1ubuntu3.3",
"12.22.9~dfsg-1ubuntu3.4",
"12.22.9~dfsg-1ubuntu3.5",
"12.22.9~dfsg-1ubuntu3.6",
"12.22.9~dfsg-1ubuntu3.6+esm2"
]
}
],
"aliases": [],
"details": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
"id": "UBUNTU-CVE-2021-23840",
"modified": "2026-04-27T14:13:36Z",
"published": "2021-02-16T17:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-23840"
},
{
"type": "REPORT",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-4738-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5088-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
}
],
"related": [
"USN-4738-1",
"USN-5088-1",
"USN-7018-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-23840"
]
}
ubuntu-cve-2022-1292
Vulnerability from osv_ubuntu
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.20+esm3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.20+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm3?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.20+esm3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16",
"1.0.2g-1ubuntu4.17",
"1.0.2g-1ubuntu4.18",
"1.0.2g-1ubuntu4.19",
"1.0.2g-1ubuntu4.20",
"1.0.2g-1ubuntu4.20+esm1",
"1.0.2g-1ubuntu4.20+esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.20.3?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.20.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1",
"1.0.2g-1ubuntu4.fips.4.17.1",
"1.0.2g-1ubuntu4.fips.4.18.1",
"1.0.2g-1ubuntu4.fips.4.19.3",
"1.0.2g-1ubuntu4.fips.4.20.1",
"1.0.2g-1ubuntu4.fips.4.20.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.1~18.04.17"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.1~18.04.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.17?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.1~18.04.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu13",
"1.0.2g-1ubuntu14",
"1.0.2n-1ubuntu1",
"1.1.0g-2ubuntu1",
"1.1.0g-2ubuntu2",
"1.1.0g-2ubuntu3",
"1.1.0g-2ubuntu4",
"1.1.0g-2ubuntu4.1",
"1.1.0g-2ubuntu4.3",
"1.1.1-1ubuntu2.1~18.04.1",
"1.1.1-1ubuntu2.1~18.04.2",
"1.1.1-1ubuntu2.1~18.04.3",
"1.1.1-1ubuntu2.1~18.04.4",
"1.1.1-1ubuntu2.1~18.04.5",
"1.1.1-1ubuntu2.1~18.04.6",
"1.1.1-1ubuntu2.1~18.04.7",
"1.1.1-1ubuntu2.1~18.04.8",
"1.1.1-1ubuntu2.1~18.04.9",
"1.1.1-1ubuntu2.1~18.04.10",
"1.1.1-1ubuntu2.1~18.04.13",
"1.1.1-1ubuntu2.1~18.04.14",
"1.1.1-1ubuntu2.1~18.04.15"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.9"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.9"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.9?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.9"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3",
"1.0.2n-1ubuntu5.4",
"1.0.2n-1ubuntu5.5",
"1.0.2n-1ubuntu5.6",
"1.0.2n-1ubuntu5.7",
"1.0.2n-1ubuntu5.8"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.17"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.17"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.17?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.fips.2.1~18.04.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.5.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.6.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.7.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.3",
"1.1.1-1ubuntu2.fips.2.1~18.04.13.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.15",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.3.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.13"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.13"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.13?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.13"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1c-1ubuntu4",
"1.1.1d-2ubuntu3",
"1.1.1d-2ubuntu6",
"1.1.1f-1ubuntu1",
"1.1.1f-1ubuntu2",
"1.1.1f-1ubuntu2.1",
"1.1.1f-1ubuntu2.2",
"1.1.1f-1ubuntu2.3",
"1.1.1f-1ubuntu2.4",
"1.1.1f-1ubuntu2.5",
"1.1.1f-1ubuntu2.8",
"1.1.1f-1ubuntu2.9",
"1.1.1f-1ubuntu2.10",
"1.1.1f-1ubuntu2.11",
"1.1.1f-1ubuntu2.12"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.13.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.13.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.13.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.13.1?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.13.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.7",
"1.1.1f-1ubuntu2.fips.7.2",
"1.1.1f-1ubuntu2.fips.12",
"1.1.1f-1ubuntu2.fips.13"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.2.8",
"1.1.1f-1ubuntu2.fips.7.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libnode72",
"binary_version": "12.22.9~dfsg-1ubuntu3.1"
},
{
"binary_name": "nodejs",
"binary_version": "12.22.9~dfsg-1ubuntu3.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "nodejs",
"purl": "pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "12.22.9~dfsg-1ubuntu3.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"12.22.5~dfsg-5ubuntu1",
"12.22.7~dfsg-2ubuntu1",
"12.22.7~dfsg-2ubuntu3",
"12.22.9~dfsg-1ubuntu2",
"12.22.9~dfsg-1ubuntu3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.1"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1l-1ubuntu1",
"3.0.0-1ubuntu1",
"3.0.1-0ubuntu1",
"3.0.2-0ubuntu1"
]
}
],
"aliases": [],
"details": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).",
"id": "UBUNTU-CVE-2022-1292",
"modified": "2026-04-22T07:41:11Z",
"published": "2022-05-03T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-1292"
},
{
"type": "REPORT",
"url": "https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5402-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5402-2"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6457-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7060-1"
}
],
"related": [
"USN-5402-1",
"USN-5402-2",
"USN-6457-1",
"USN-7018-1",
"USN-7060-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2022-1292"
]
}
ubuntu-cve-2022-2068
Vulnerability from osv_ubuntu
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.20+esm5"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.20+esm5"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm5?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.20+esm5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16",
"1.0.2g-1ubuntu4.17",
"1.0.2g-1ubuntu4.18",
"1.0.2g-1ubuntu4.19",
"1.0.2g-1ubuntu4.20",
"1.0.2g-1ubuntu4.20+esm1",
"1.0.2g-1ubuntu4.20+esm2",
"1.0.2g-1ubuntu4.20+esm3",
"1.0.2g-1ubuntu4.20+esm4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1",
"0~20160408.ffea0a2c-2ubuntu0.2+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.20.3?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.20.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1",
"1.0.2g-1ubuntu4.fips.4.17.1",
"1.0.2g-1ubuntu4.fips.4.18.1",
"1.0.2g-1ubuntu4.fips.4.19.3",
"1.0.2g-1ubuntu4.fips.4.20.1",
"1.0.2g-1ubuntu4.fips.4.20.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.1~18.04.19"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.1~18.04.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.19?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.1~18.04.19"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu13",
"1.0.2g-1ubuntu14",
"1.0.2n-1ubuntu1",
"1.1.0g-2ubuntu1",
"1.1.0g-2ubuntu2",
"1.1.0g-2ubuntu3",
"1.1.0g-2ubuntu4",
"1.1.0g-2ubuntu4.1",
"1.1.0g-2ubuntu4.3",
"1.1.1-1ubuntu2.1~18.04.1",
"1.1.1-1ubuntu2.1~18.04.2",
"1.1.1-1ubuntu2.1~18.04.3",
"1.1.1-1ubuntu2.1~18.04.4",
"1.1.1-1ubuntu2.1~18.04.5",
"1.1.1-1ubuntu2.1~18.04.6",
"1.1.1-1ubuntu2.1~18.04.7",
"1.1.1-1ubuntu2.1~18.04.8",
"1.1.1-1ubuntu2.1~18.04.9",
"1.1.1-1ubuntu2.1~18.04.10",
"1.1.1-1ubuntu2.1~18.04.13",
"1.1.1-1ubuntu2.1~18.04.14",
"1.1.1-1ubuntu2.1~18.04.15",
"1.1.1-1ubuntu2.1~18.04.17"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.10"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.10"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.10?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3",
"1.0.2n-1ubuntu5.4",
"1.0.2n-1ubuntu5.5",
"1.0.2n-1ubuntu5.6",
"1.0.2n-1ubuntu5.7",
"1.0.2n-1ubuntu5.8",
"1.0.2n-1ubuntu5.9"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.20"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.20"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.20?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.fips.2.1~18.04.20"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.5.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.6.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.7.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.3",
"1.1.1-1ubuntu2.fips.2.1~18.04.13.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.15",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.17"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.3.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.15"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.15"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.15?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.15"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1c-1ubuntu4",
"1.1.1d-2ubuntu3",
"1.1.1d-2ubuntu6",
"1.1.1f-1ubuntu1",
"1.1.1f-1ubuntu2",
"1.1.1f-1ubuntu2.1",
"1.1.1f-1ubuntu2.2",
"1.1.1f-1ubuntu2.3",
"1.1.1f-1ubuntu2.4",
"1.1.1f-1ubuntu2.5",
"1.1.1f-1ubuntu2.8",
"1.1.1f-1ubuntu2.9",
"1.1.1f-1ubuntu2.10",
"1.1.1f-1ubuntu2.11",
"1.1.1f-1ubuntu2.12",
"1.1.1f-1ubuntu2.13"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.16"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.16"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.16"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.16?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.16"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.7",
"1.1.1f-1ubuntu2.fips.7.2",
"1.1.1f-1ubuntu2.fips.12",
"1.1.1f-1ubuntu2.fips.13",
"1.1.1f-1ubuntu2.fips.13.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.2.8",
"1.1.1f-1ubuntu2.fips.7.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libnode72",
"binary_version": "12.22.9~dfsg-1ubuntu3.1"
},
{
"binary_name": "nodejs",
"binary_version": "12.22.9~dfsg-1ubuntu3.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "nodejs",
"purl": "pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "12.22.9~dfsg-1ubuntu3.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"12.22.5~dfsg-5ubuntu1",
"12.22.7~dfsg-2ubuntu1",
"12.22.7~dfsg-2ubuntu3",
"12.22.9~dfsg-1ubuntu2",
"12.22.9~dfsg-1ubuntu3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.5"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1l-1ubuntu1",
"3.0.0-1ubuntu1",
"3.0.1-0ubuntu1",
"3.0.2-0ubuntu1",
"3.0.2-0ubuntu1.1",
"3.0.2-0ubuntu1.2",
"3.0.2-0ubuntu1.4"
]
}
],
"aliases": [],
"details": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).",
"id": "UBUNTU-CVE-2022-2068",
"modified": "2026-04-22T07:41:14Z",
"published": "2022-06-21T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-2068"
},
{
"type": "REPORT",
"url": "https://www.openssl.org/news/secadv/20220621.txt"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5488-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5488-2"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6457-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
}
],
"related": [
"USN-5488-1",
"USN-5488-2",
"USN-6457-1",
"USN-7018-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2022-2068"
]
}
ubuntu-cve-2023-3446
Vulnerability from osv_ubuntu
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.20+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.20+esm10"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm10?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.20+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16",
"1.0.2g-1ubuntu4.17",
"1.0.2g-1ubuntu4.18",
"1.0.2g-1ubuntu4.19",
"1.0.2g-1ubuntu4.20",
"1.0.2g-1ubuntu4.20+esm1",
"1.0.2g-1ubuntu4.20+esm2",
"1.0.2g-1ubuntu4.20+esm3",
"1.0.2g-1ubuntu4.20+esm4",
"1.0.2g-1ubuntu4.20+esm5",
"1.0.2g-1ubuntu4.20+esm6",
"1.0.2g-1ubuntu4.20+esm7",
"1.0.2g-1ubuntu4.20+esm9"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1",
"0~20160408.ffea0a2c-2ubuntu0.2+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.10"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.10"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.20.10?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.20.10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1",
"1.0.2g-1ubuntu4.fips.4.17.1",
"1.0.2g-1ubuntu4.fips.4.18.1",
"1.0.2g-1ubuntu4.fips.4.19.3",
"1.0.2g-1ubuntu4.fips.4.20.1",
"1.0.2g-1ubuntu4.fips.4.20.2",
"1.0.2g-1ubuntu4.fips.4.20.3",
"1.0.2g-1ubuntu4.fips.4.20.6",
"1.0.2g-1ubuntu4.fips.4.20.7",
"1.0.2g-1ubuntu4.fips.4.20.9"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm3"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm3"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.23+esm3?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.1~18.04.23+esm3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu13",
"1.0.2g-1ubuntu14",
"1.0.2n-1ubuntu1",
"1.1.0g-2ubuntu1",
"1.1.0g-2ubuntu2",
"1.1.0g-2ubuntu3",
"1.1.0g-2ubuntu4",
"1.1.0g-2ubuntu4.1",
"1.1.0g-2ubuntu4.3",
"1.1.1-1ubuntu2.1~18.04.1",
"1.1.1-1ubuntu2.1~18.04.2",
"1.1.1-1ubuntu2.1~18.04.3",
"1.1.1-1ubuntu2.1~18.04.4",
"1.1.1-1ubuntu2.1~18.04.5",
"1.1.1-1ubuntu2.1~18.04.6",
"1.1.1-1ubuntu2.1~18.04.7",
"1.1.1-1ubuntu2.1~18.04.8",
"1.1.1-1ubuntu2.1~18.04.9",
"1.1.1-1ubuntu2.1~18.04.10",
"1.1.1-1ubuntu2.1~18.04.13",
"1.1.1-1ubuntu2.1~18.04.14",
"1.1.1-1ubuntu2.1~18.04.15",
"1.1.1-1ubuntu2.1~18.04.17",
"1.1.1-1ubuntu2.1~18.04.19",
"1.1.1-1ubuntu2.1~18.04.20",
"1.1.1-1ubuntu2.1~18.04.21",
"1.1.1-1ubuntu2.1~18.04.22",
"1.1.1-1ubuntu2.1~18.04.23",
"1.1.1-1ubuntu2.1~18.04.23+esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.13+esm1"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.13+esm1"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.13+esm1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.13+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3",
"1.0.2n-1ubuntu5.4",
"1.0.2n-1ubuntu5.5",
"1.0.2n-1ubuntu5.6",
"1.0.2n-1ubuntu5.7",
"1.0.2n-1ubuntu5.8",
"1.0.2n-1ubuntu5.9",
"1.0.2n-1ubuntu5.10",
"1.0.2n-1ubuntu5.11",
"1.0.2n-1ubuntu5.12",
"1.0.2n-1ubuntu5.13"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.3+esm2?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20170911.5dfba97c-1",
"0~20171010.234dbcef-1",
"0~20171027.76fd5a66-1",
"0~20171205.a9212288-1",
"0~20180105.0bc94c74-1",
"0~20180205.c0d9813c-1",
"0~20180205.c0d9813c-2",
"0~20180205.c0d9813c-2ubuntu0.1",
"0~20180205.c0d9813c-2ubuntu0.2",
"0~20180205.c0d9813c-2ubuntu0.3",
"0~20180205.c0d9813c-2ubuntu0.3+esm1",
"0~20180205.c0d9813c-2ubuntu0.3+esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.3"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.3"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.3"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.23.3?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.fips.2.1~18.04.23.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.5.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.6.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.7.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.3",
"1.1.1-1ubuntu2.fips.2.1~18.04.13.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.15",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.17",
"1.1.1-1ubuntu2.fips.2.1~18.04.20",
"1.1.1-1ubuntu2.fips.2.1~18.04.21",
"1.1.1-1ubuntu2.fips.2.1~18.04.22",
"1.1.1-1ubuntu2.fips.2.1~18.04.23"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.3.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.20"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.20"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.20?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.20"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1c-1ubuntu4",
"1.1.1d-2ubuntu3",
"1.1.1d-2ubuntu6",
"1.1.1f-1ubuntu1",
"1.1.1f-1ubuntu2",
"1.1.1f-1ubuntu2.1",
"1.1.1f-1ubuntu2.2",
"1.1.1f-1ubuntu2.3",
"1.1.1f-1ubuntu2.4",
"1.1.1f-1ubuntu2.5",
"1.1.1f-1ubuntu2.8",
"1.1.1f-1ubuntu2.9",
"1.1.1f-1ubuntu2.10",
"1.1.1f-1ubuntu2.11",
"1.1.1f-1ubuntu2.12",
"1.1.1f-1ubuntu2.13",
"1.1.1f-1ubuntu2.15",
"1.1.1f-1ubuntu2.16",
"1.1.1f-1ubuntu2.17",
"1.1.1f-1ubuntu2.18",
"1.1.1f-1ubuntu2.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20191122.bd85bf54-2ubuntu3.6?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20190606.20d2e5a1-2ubuntu1",
"0~20190828.37eef910-3",
"0~20190828.37eef910-4",
"0~20191122.bd85bf54-1",
"0~20191122.bd85bf54-1ubuntu1",
"0~20191122.bd85bf54-2",
"0~20191122.bd85bf54-2ubuntu1",
"0~20191122.bd85bf54-2ubuntu2",
"0~20191122.bd85bf54-2ubuntu3",
"0~20191122.bd85bf54-2ubuntu3.1",
"0~20191122.bd85bf54-2ubuntu3.2",
"0~20191122.bd85bf54-2ubuntu3.3",
"0~20191122.bd85bf54-2ubuntu3.4",
"0~20191122.bd85bf54-2ubuntu3.5",
"0~20191122.bd85bf54-2ubuntu3.6"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.20?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.20"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.7",
"1.1.1f-1ubuntu2.fips.7.2",
"1.1.1f-1ubuntu2.fips.12",
"1.1.1f-1ubuntu2.fips.13",
"1.1.1f-1ubuntu2.fips.13.1",
"1.1.1f-1ubuntu2.fips.16",
"1.1.1f-1ubuntu2.fips.17",
"1.1.1f-1ubuntu2.fips.18",
"1.1.1f-1ubuntu2.fips.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.2.8",
"1.1.1f-1ubuntu2.fips.7.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "ovmf-ia32",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "2022.02-3ubuntu0.22.04.4"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@2022.02-3ubuntu0.22.04.4?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2022.02-3ubuntu0.22.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2021.08~rc0-2",
"2021.08-3",
"2021.11~rc1-1",
"2021.11-1",
"2021.11-2",
"2022.02~rc1-1",
"2022.02~rc1-1ubuntu1",
"2022.02-1",
"2022.02-2",
"2022.02-3",
"2022.02-3ubuntu0.22.04.1",
"2022.02-3ubuntu0.22.04.2",
"2022.02-3ubuntu0.22.04.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.12"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.12"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.12?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.12"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1l-1ubuntu1",
"3.0.0-1ubuntu1",
"3.0.1-0ubuntu1",
"3.0.2-0ubuntu1",
"3.0.2-0ubuntu1.1",
"3.0.2-0ubuntu1.2",
"3.0.2-0ubuntu1.4",
"3.0.2-0ubuntu1.5",
"3.0.2-0ubuntu1.6",
"3.0.2-0ubuntu1.7",
"3.0.2-0ubuntu1.8",
"3.0.2-0ubuntu1.9",
"3.0.2-0ubuntu1.10"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libnode72",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
},
{
"binary_name": "nodejs",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "nodejs",
"purl": "pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.6+esm2?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"12.22.5~dfsg-5ubuntu1",
"12.22.7~dfsg-2ubuntu1",
"12.22.7~dfsg-2ubuntu3",
"12.22.9~dfsg-1ubuntu2",
"12.22.9~dfsg-1ubuntu3",
"12.22.9~dfsg-1ubuntu3.1",
"12.22.9~dfsg-1ubuntu3.2",
"12.22.9~dfsg-1ubuntu3.3",
"12.22.9~dfsg-1ubuntu3.4",
"12.22.9~dfsg-1ubuntu3.5",
"12.22.9~dfsg-1ubuntu3.6",
"12.22.9~dfsg-1ubuntu3.6+esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.12+Fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.12+Fips1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-0ubuntu1.10+Fips1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.12+Fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.12+Fips1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-0ubuntu1.10+Fips1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "efi-shell-aa64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-arm",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-ia32",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-riscv64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-x64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "ovmf",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "ovmf-ia32",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-riscv64",
"binary_version": "2024.02-2ubuntu0.6"
}
],
"priority_reason": "Upstream openssl developers have rated this issue as being low severity"
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@2024.02-2ubuntu0.6?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2024.02-2ubuntu0.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2023.05-2",
"2023.11-2",
"2023.11-3",
"2023.11-4",
"2023.11-5",
"2023.11-6",
"2023.11-8",
"2024.02-1",
"2024.02-2",
"2024.02-2ubuntu0.1",
"2024.02-2ubuntu0.3",
"2024.02-2ubuntu0.4",
"2024.02-2ubuntu0.5"
]
}
],
"aliases": [],
"details": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"id": "UBUNTU-CVE-2023-3446",
"modified": "2026-04-22T07:45:02Z",
"published": "2023-07-19T12:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2023-3446"
},
{
"type": "REPORT",
"url": "https://www.openssl.org/news/secadv/20230719.txt"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6435-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6450-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6435-2"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6709-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7894-1"
}
],
"related": [
"USN-6435-1",
"USN-6450-1",
"USN-6435-2",
"USN-6709-1",
"USN-7018-1",
"USN-7894-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2023-3446"
]
}
ubuntu-cve-2024-0727
Vulnerability from osv_ubuntu
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
},
{
"binary_name": "openssl",
"binary_version": "1.0.1f-1ubuntu2.27+esm10"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.27+esm10?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1f-1ubuntu2.27+esm10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.1e-3ubuntu1",
"1.0.1e-4ubuntu1",
"1.0.1e-4ubuntu2",
"1.0.1e-4ubuntu3",
"1.0.1e-4ubuntu4",
"1.0.1f-1ubuntu1",
"1.0.1f-1ubuntu2",
"1.0.1f-1ubuntu2.1",
"1.0.1f-1ubuntu2.2",
"1.0.1f-1ubuntu2.3",
"1.0.1f-1ubuntu2.4",
"1.0.1f-1ubuntu2.5",
"1.0.1f-1ubuntu2.7",
"1.0.1f-1ubuntu2.8",
"1.0.1f-1ubuntu2.11",
"1.0.1f-1ubuntu2.12",
"1.0.1f-1ubuntu2.15",
"1.0.1f-1ubuntu2.16",
"1.0.1f-1ubuntu2.17",
"1.0.1f-1ubuntu2.18",
"1.0.1f-1ubuntu2.19",
"1.0.1f-1ubuntu2.20",
"1.0.1f-1ubuntu2.21",
"1.0.1f-1ubuntu2.22",
"1.0.1f-1ubuntu2.23",
"1.0.1f-1ubuntu2.24",
"1.0.1f-1ubuntu2.25",
"1.0.1f-1ubuntu2.26",
"1.0.1f-1ubuntu2.27",
"1.0.1f-1ubuntu2.27+esm1",
"1.0.1f-1ubuntu2.27+esm2",
"1.0.1f-1ubuntu2.27+esm3",
"1.0.1f-1ubuntu2.27+esm4",
"1.0.1f-1ubuntu2.27+esm5",
"1.0.1f-1ubuntu2.27+esm6",
"1.0.1f-1ubuntu2.27+esm7",
"1.0.1f-1ubuntu2.27+esm9"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.20+esm11"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.20+esm11"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.20+esm11?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.20+esm11"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2d-0ubuntu1",
"1.0.2d-0ubuntu2",
"1.0.2e-1ubuntu1",
"1.0.2f-2ubuntu1",
"1.0.2g-1ubuntu2",
"1.0.2g-1ubuntu3",
"1.0.2g-1ubuntu4",
"1.0.2g-1ubuntu4.1",
"1.0.2g-1ubuntu4.2",
"1.0.2g-1ubuntu4.4",
"1.0.2g-1ubuntu4.5",
"1.0.2g-1ubuntu4.6",
"1.0.2g-1ubuntu4.8",
"1.0.2g-1ubuntu4.9",
"1.0.2g-1ubuntu4.10",
"1.0.2g-1ubuntu4.11",
"1.0.2g-1ubuntu4.12",
"1.0.2g-1ubuntu4.13",
"1.0.2g-1ubuntu4.14",
"1.0.2g-1ubuntu4.15",
"1.0.2g-1ubuntu4.16",
"1.0.2g-1ubuntu4.17",
"1.0.2g-1ubuntu4.18",
"1.0.2g-1ubuntu4.19",
"1.0.2g-1ubuntu4.20",
"1.0.2g-1ubuntu4.20+esm1",
"1.0.2g-1ubuntu4.20+esm2",
"1.0.2g-1ubuntu4.20+esm3",
"1.0.2g-1ubuntu4.20+esm4",
"1.0.2g-1ubuntu4.20+esm5",
"1.0.2g-1ubuntu4.20+esm6",
"1.0.2g-1ubuntu4.20+esm7",
"1.0.2g-1ubuntu4.20+esm9",
"1.0.2g-1ubuntu4.20+esm10"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.2+esm3"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.2+esm3?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2",
"0~20160408.ffea0a2c-2ubuntu0.1",
"0~20160408.ffea0a2c-2ubuntu0.2",
"0~20160408.ffea0a2c-2ubuntu0.2+esm1",
"0~20160408.ffea0a2c-2ubuntu0.2+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.11"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.11"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.20.11"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.20.11?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2g-1ubuntu4.fips.4.20.11"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.9.1",
"1.0.2g-1ubuntu4.fips.4.13.1",
"1.0.2g-1ubuntu4.fips.4.15.1",
"1.0.2g-1ubuntu4.fips.4.16.1",
"1.0.2g-1ubuntu4.fips.4.17.1",
"1.0.2g-1ubuntu4.fips.4.18.1",
"1.0.2g-1ubuntu4.fips.4.19.3",
"1.0.2g-1ubuntu4.fips.4.20.1",
"1.0.2g-1ubuntu4.fips.4.20.2",
"1.0.2g-1ubuntu4.fips.4.20.3",
"1.0.2g-1ubuntu4.fips.4.20.6",
"1.0.2g-1ubuntu4.fips.4.20.7",
"1.0.2g-1ubuntu4.fips.4.20.9",
"1.0.2g-1ubuntu4.fips.4.20.10"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "libssl1.0.0-hmac",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
},
{
"binary_name": "openssl",
"binary_version": "1.0.2g-1ubuntu4.fips.4.6.3"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.0.2g-1ubuntu4.fips.4.6.3?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu4.fips.4.6~ppa1",
"1.0.2g-1ubuntu4.fips.4.6~ppa2",
"1.0.2g-1ubuntu4.fips.4.6~ppa3",
"1.0.2g-1ubuntu4.fips.4.6",
"1.0.2g-1ubuntu4.fips.4.6.1",
"1.0.2g-1ubuntu4.fips.4.6.2",
"1.0.2g-1ubuntu4.fips.4.6.3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm4"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.1~18.04.23+esm4"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.1~18.04.23+esm4?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.1~18.04.23+esm4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2g-1ubuntu13",
"1.0.2g-1ubuntu14",
"1.0.2n-1ubuntu1",
"1.1.0g-2ubuntu1",
"1.1.0g-2ubuntu2",
"1.1.0g-2ubuntu3",
"1.1.0g-2ubuntu4",
"1.1.0g-2ubuntu4.1",
"1.1.0g-2ubuntu4.3",
"1.1.1-1ubuntu2.1~18.04.1",
"1.1.1-1ubuntu2.1~18.04.2",
"1.1.1-1ubuntu2.1~18.04.3",
"1.1.1-1ubuntu2.1~18.04.4",
"1.1.1-1ubuntu2.1~18.04.5",
"1.1.1-1ubuntu2.1~18.04.6",
"1.1.1-1ubuntu2.1~18.04.7",
"1.1.1-1ubuntu2.1~18.04.8",
"1.1.1-1ubuntu2.1~18.04.9",
"1.1.1-1ubuntu2.1~18.04.10",
"1.1.1-1ubuntu2.1~18.04.13",
"1.1.1-1ubuntu2.1~18.04.14",
"1.1.1-1ubuntu2.1~18.04.15",
"1.1.1-1ubuntu2.1~18.04.17",
"1.1.1-1ubuntu2.1~18.04.19",
"1.1.1-1ubuntu2.1~18.04.20",
"1.1.1-1ubuntu2.1~18.04.21",
"1.1.1-1ubuntu2.1~18.04.22",
"1.1.1-1ubuntu2.1~18.04.23",
"1.1.1-1ubuntu2.1~18.04.23+esm1",
"1.1.1-1ubuntu2.1~18.04.23+esm3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.0.0",
"binary_version": "1.0.2n-1ubuntu5.13+esm1"
},
{
"binary_name": "openssl1.0",
"binary_version": "1.0.2n-1ubuntu5.13+esm1"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openssl1.0",
"purl": "pkg:deb/ubuntu/openssl1.0@1.0.2n-1ubuntu5.13+esm1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2n-1ubuntu5.13+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.2n-1ubuntu2",
"1.0.2n-1ubuntu3",
"1.0.2n-1ubuntu4",
"1.0.2n-1ubuntu5",
"1.0.2n-1ubuntu5.1",
"1.0.2n-1ubuntu5.2",
"1.0.2n-1ubuntu5.3",
"1.0.2n-1ubuntu5.4",
"1.0.2n-1ubuntu5.5",
"1.0.2n-1ubuntu5.6",
"1.0.2n-1ubuntu5.7",
"1.0.2n-1ubuntu5.8",
"1.0.2n-1ubuntu5.9",
"1.0.2n-1ubuntu5.10",
"1.0.2n-1ubuntu5.11",
"1.0.2n-1ubuntu5.12",
"1.0.2n-1ubuntu5.13"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.3+esm2?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20170911.5dfba97c-1",
"0~20171010.234dbcef-1",
"0~20171027.76fd5a66-1",
"0~20171205.a9212288-1",
"0~20180105.0bc94c74-1",
"0~20180205.c0d9813c-1",
"0~20180205.c0d9813c-2",
"0~20180205.c0d9813c-2ubuntu0.1",
"0~20180205.c0d9813c-2ubuntu0.2",
"0~20180205.c0d9813c-2ubuntu0.3",
"0~20180205.c0d9813c-2ubuntu0.3+esm1",
"0~20180205.c0d9813c-2ubuntu0.3+esm2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.4"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.4"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.23.4"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.23.4?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1-1ubuntu2.fips.2.1~18.04.23.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.5.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.6.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.7.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.9.3",
"1.1.1-1ubuntu2.fips.2.1~18.04.13.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.15",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2",
"1.1.1-1ubuntu2.fips.2.1~18.04.17",
"1.1.1-1ubuntu2.fips.2.1~18.04.20",
"1.1.1-1ubuntu2.fips.2.1~18.04.21",
"1.1.1-1ubuntu2.fips.2.1~18.04.22",
"1.1.1-1ubuntu2.fips.2.1~18.04.23",
"1.1.1-1ubuntu2.fips.2.1~18.04.23.3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1-1ubuntu2.fips.2.1~18.04.15.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1-1ubuntu2.fips.2.1~18.04.3.1",
"1.1.1-1ubuntu2.fips.2.1~18.04.15.2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.21"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.21"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1c-1ubuntu4",
"1.1.1d-2ubuntu3",
"1.1.1d-2ubuntu6",
"1.1.1f-1ubuntu1",
"1.1.1f-1ubuntu2",
"1.1.1f-1ubuntu2.1",
"1.1.1f-1ubuntu2.2",
"1.1.1f-1ubuntu2.3",
"1.1.1f-1ubuntu2.4",
"1.1.1f-1ubuntu2.5",
"1.1.1f-1ubuntu2.8",
"1.1.1f-1ubuntu2.9",
"1.1.1f-1ubuntu2.10",
"1.1.1f-1ubuntu2.11",
"1.1.1f-1ubuntu2.12",
"1.1.1f-1ubuntu2.13",
"1.1.1f-1ubuntu2.15",
"1.1.1f-1ubuntu2.16",
"1.1.1f-1ubuntu2.17",
"1.1.1f-1ubuntu2.18",
"1.1.1f-1ubuntu2.19",
"1.1.1f-1ubuntu2.20"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20191122.bd85bf54-2ubuntu3.6"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20191122.bd85bf54-2ubuntu3.6?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20190606.20d2e5a1-2ubuntu1",
"0~20190828.37eef910-3",
"0~20190828.37eef910-4",
"0~20191122.bd85bf54-1",
"0~20191122.bd85bf54-1ubuntu1",
"0~20191122.bd85bf54-2",
"0~20191122.bd85bf54-2ubuntu1",
"0~20191122.bd85bf54-2ubuntu2",
"0~20191122.bd85bf54-2ubuntu3",
"0~20191122.bd85bf54-2ubuntu3.1",
"0~20191122.bd85bf54-2ubuntu3.2",
"0~20191122.bd85bf54-2ubuntu3.3",
"0~20191122.bd85bf54-2ubuntu3.4",
"0~20191122.bd85bf54-2ubuntu3.5",
"0~20191122.bd85bf54-2ubuntu3.6"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.20"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.20?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1f-1ubuntu2.fips.20"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.7",
"1.1.1f-1ubuntu2.fips.7.2",
"1.1.1f-1ubuntu2.fips.12",
"1.1.1f-1ubuntu2.fips.13",
"1.1.1f-1ubuntu2.fips.13.1",
"1.1.1f-1ubuntu2.fips.16",
"1.1.1f-1ubuntu2.fips.17",
"1.1.1f-1ubuntu2.fips.18",
"1.1.1f-1ubuntu2.fips.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl1.1",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "libssl1.1-hmac",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
},
{
"binary_name": "openssl",
"binary_version": "1.1.1f-1ubuntu2.fips.7.1"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.fips.7.1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1f-1ubuntu2.fips.2.8",
"1.1.1f-1ubuntu2.fips.7.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "ovmf-ia32",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2022.02-3ubuntu0.22.04.4"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "2022.02-3ubuntu0.22.04.4"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@2022.02-3ubuntu0.22.04.4?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2022.02-3ubuntu0.22.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2021.08~rc0-2",
"2021.08-3",
"2021.11~rc1-1",
"2021.11-1",
"2021.11-2",
"2022.02~rc1-1",
"2022.02~rc1-1ubuntu1",
"2022.02-1",
"2022.02-2",
"2022.02-3",
"2022.02-3ubuntu0.22.04.1",
"2022.02-3ubuntu0.22.04.2",
"2022.02-3ubuntu0.22.04.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.14"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.14"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.14?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.14"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1l-1ubuntu1",
"3.0.0-1ubuntu1",
"3.0.1-0ubuntu1",
"3.0.2-0ubuntu1",
"3.0.2-0ubuntu1.1",
"3.0.2-0ubuntu1.2",
"3.0.2-0ubuntu1.4",
"3.0.2-0ubuntu1.5",
"3.0.2-0ubuntu1.6",
"3.0.2-0ubuntu1.7",
"3.0.2-0ubuntu1.8",
"3.0.2-0ubuntu1.9",
"3.0.2-0ubuntu1.10",
"3.0.2-0ubuntu1.12",
"3.0.2-0ubuntu1.13"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libnode72",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
},
{
"binary_name": "nodejs",
"binary_version": "12.22.9~dfsg-1ubuntu3.6+esm2"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "nodejs",
"purl": "pkg:deb/ubuntu/nodejs@12.22.9~dfsg-1ubuntu3.6+esm2?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"12.22.5~dfsg-5ubuntu1",
"12.22.7~dfsg-2ubuntu1",
"12.22.7~dfsg-2ubuntu3",
"12.22.9~dfsg-1ubuntu2",
"12.22.9~dfsg-1ubuntu3",
"12.22.9~dfsg-1ubuntu3.1",
"12.22.9~dfsg-1ubuntu3.2",
"12.22.9~dfsg-1ubuntu3.3",
"12.22.9~dfsg-1ubuntu3.4",
"12.22.9~dfsg-1ubuntu3.5",
"12.22.9~dfsg-1ubuntu3.6",
"12.22.9~dfsg-1ubuntu3.6+esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.12+Fips1"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.12+Fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-0ubuntu1.10+Fips1",
"3.0.2-0ubuntu1.12+Fips1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.2-0ubuntu1.14+Fips1"
},
{
"binary_name": "openssl",
"binary_version": "3.0.2-0ubuntu1.14+Fips1"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.14+Fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-0ubuntu1.14+Fips1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-0ubuntu1.10+Fips1",
"3.0.2-0ubuntu1.12+Fips1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "efi-shell-aa64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-arm",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-ia32",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-riscv64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "efi-shell-x64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "ovmf",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "ovmf-ia32",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "2024.02-2ubuntu0.6"
},
{
"binary_name": "qemu-efi-riscv64",
"binary_version": "2024.02-2ubuntu0.6"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@2024.02-2ubuntu0.6?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2024.02-2ubuntu0.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2023.05-2",
"2023.11-2",
"2023.11-3",
"2023.11-4",
"2023.11-5",
"2023.11-6",
"2023.11-8",
"2024.02-1",
"2024.02-2",
"2024.02-2ubuntu0.1",
"2024.02-2ubuntu0.3",
"2024.02-2ubuntu0.4",
"2024.02-2ubuntu0.5"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3",
"binary_version": "3.0.10-1ubuntu4"
},
{
"binary_name": "openssl",
"binary_version": "3.0.10-1ubuntu4"
}
],
"priority_reason": "Upstream OpenSSL developers have rated this to be a low severity issue"
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "openssl",
"purl": "pkg:deb/ubuntu/openssl@3.0.10-1ubuntu4?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.10-1ubuntu4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.10-1ubuntu2",
"3.0.10-1ubuntu2.1",
"3.0.10-1ubuntu3"
]
}
],
"aliases": [],
"details": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.",
"id": "UBUNTU-CVE-2024-0727",
"modified": "2026-04-22T07:47:53Z",
"published": "2024-01-26T09:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-0727"
},
{
"type": "REPORT",
"url": "https://www.openssl.org/news/secadv/20240125.txt"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6622-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6632-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6709-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7018-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7894-1"
}
],
"related": [
"USN-6622-1",
"USN-6632-1",
"USN-6709-1",
"USN-7018-1",
"USN-7894-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-0727"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.