vulnerability
Oracle Linux: CVE-2022-47629: ELSA-2023-0626: libksba security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:N/C:P/I:P/A:C) | Oct 17, 2022 | Jan 31, 2023 | Jan 7, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:C)
Published
Oct 17, 2022
Added
Jan 31, 2023
Modified
Jan 7, 2025
Description
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Solution(s)
oracle-linux-upgrade-libksbaoracle-linux-upgrade-libksba-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.