CVE-2022-47629
Public on 2022-12-20
Modified on 2024-02-12
Description
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
CVSS v3 Base Score
See breakdown
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
| Platform | Package | Release Date | Advisory |
|---|---|---|---|
| Amazon Linux 1 | libksba | 2023-06-06 | ALAS-2023-1752 |
| Amazon Linux 2 - Core | libksba | 2023-05-16 | ALAS2-2023-2041 |
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| NVD | CVSSv3 | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
