CVE-2023-0286

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-0286
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-0286.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-0286
Aliases
Downstream
Related
Published
2023-02-08T20:15:24.267Z
Modified
2026-04-12T06:36:10.096276Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequently interpreted by the OpenSSL function GENERALNAMEcmp as an ASN1TYPE rather than an ASN1_STRING.

When CRL checking is enabled (i.e. the application sets the X509VFLAGCRLCHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "2.7.0"
                },
                {
                    "fixed": "2.7.11"
                },
                {
                    "introduced": "2.8.0"
                },
                {
                    "fixed": "3.7.34"
                },
                {
                    "introduced": "3.8.0"
                },
                {
                    "fixed": "3.11.22"
                },
                {
                    "introduced": "4.0.0"
                },
                {
                    "fixed": "4.3.16"
                },
                {
                    "introduced": "4.4.0"
                },
                {
                    "fixed": "4.6.3"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*"
        }
    ]
}
References

Affected packages

Git / github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
e818b74be2170fbe957a07b0da4401c2b694b3b8
Fixed
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
e04bd3433fd84e1861bf258ea37928d9845e6a86
Fixed
e04bd3433fd84e1861bf258ea37928d9845e6a86
Introduced
89cd17a031e022211684eb7eb41190cf1910f9fa
Fixed
31157bc0b46e04227b8468d3e6915e4d0332777c
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
42768eafab40d3e2f0851caa84aa9801139c74ab
Database specific 
{
    "extracted_events": [
        {
            "introduced": "1.0.2"
        },
        {
            "fixed": "1.0.2zg"
        },
        {
            "introduced": "1.1.1"
        },
        {
            "fixed": "1.1.1t"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.0.8"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "3.3.3"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": [
        "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*"
    ]
}

Affected versions

Other
BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_0_2
OpenSSL_1_0_2-beta1
OpenSSL_1_0_2-beta2
OpenSSL_1_0_2-beta3
OpenSSL_1_0_2-post-auto-reformat
OpenSSL_1_0_2-post-reformat
OpenSSL_1_0_2-pre-auto-reformat
OpenSSL_1_0_2-pre-reformat
OpenSSL_1_0_2a
OpenSSL_1_0_2b
OpenSSL_1_0_2c
OpenSSL_1_0_2d
OpenSSL_1_0_2e
OpenSSL_1_0_2f
OpenSSL_1_0_2g
OpenSSL_1_0_2h
OpenSSL_1_0_2i
OpenSSL_1_0_2j
OpenSSL_1_0_2k
OpenSSL_1_0_2l
OpenSSL_1_0_2m
OpenSSL_1_0_2n
OpenSSL_1_0_2o
OpenSSL_1_0_2p
OpenSSL_1_0_2q
OpenSSL_1_0_2r
OpenSSL_1_0_2s
OpenSSL_1_0_2t
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
OpenSSL_1_1_1a
OpenSSL_1_1_1b
OpenSSL_1_1_1c
OpenSSL_1_1_1d
OpenSSL_1_1_1e
OpenSSL_1_1_1f
OpenSSL_1_1_1g
OpenSSL_1_1_1h
OpenSSL_1_1_1i
OpenSSL_1_1_1j
OpenSSL_1_1_1k
OpenSSL_1_1_1l
OpenSSL_1_1_1m
OpenSSL_1_1_1n
OpenSSL_1_1_1o
OpenSSL_1_1_1p
OpenSSL_1_1_1q
OpenSSL_1_1_1r
OpenSSL_1_1_1s
OpenSSL_1_1_1t
OpenSSL_1_1_1u
OpenSSL_1_1_1v
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat
openssl-3.*
openssl-3.0.0
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2
openssl-3.0.1
openssl-3.0.2
openssl-3.0.3
openssl-3.0.4
openssl-3.0.5
openssl-3.0.6
openssl-3.0.7
openssl-3.2.0-alpha1
openssl-3.2.0-alpha2
openssl-3.3.0
openssl-3.3.0-alpha1
openssl-3.3.0-beta1
openssl-3.3.1
openssl-3.3.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-0286.json"
vanir_signatures 
[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2023-0286-c377fa22",
        "digest": {
            "line_hashes": [
                "28170854778703993674264004058177114599",
                "73132526844288570625317440636111911761",
                "177405411499435185068645597737938634778",
                "224809958623850711330610094965797758930",
                "295554444428855106393106961197201359586"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/openssl/openssl/commit/e04bd3433fd84e1861bf258ea37928d9845e6a86",
        "target": {
            "file": "include/openssl/opensslv.h"
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2023-0286-e051451f",
        "digest": {
            "line_hashes": [
                "251633914150035957322733061977107206211",
                "338514574181828579838011565939158652696",
                "76638288692106140328510055542557597351",
                "142922657400765574308962710386922248045",
                "71649992455794854055653842592139575350",
                "65527166711110472566013424527579064967",
                "253196866009476977787139000804413898733",
                "172177136897997206866313011107384691461"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/openssl/openssl/commit/e818b74be2170fbe957a07b0da4401c2b694b3b8",
        "target": {
            "file": "crypto/opensslv.h"
        },
        "deprecated": false
    }
]
vanir_signatures_modified 
"2026-04-12T06:36:10Z"