Search

Security ID : QSA-22-17

Multiple Vulnerabilities in OpenSSL

  • Release date : May 23, 2022

  • CVE identifier : CVE-2022-1292 | CVE-2022-1343 | CVE-2022-1434 | CVE-2022-1473

  • Affected products: None

Severity

None

Status

Not Affected

Summary

OpenSSL recently disclosed multiple vulnerabilities:

  • CVE-2022-1292: The c_rehash script allows command injection
  • CVE-2022-1343: OCSP_basic_verify may incorrectly verify the response signing certificate
  • CVE-2022-1434: Incorrect MAC key used in the RC4-MD5 ciphersuite
  • CVE-2022-1473: Resource leakage when decoding certificates and keys

QNAP products are not affected.

Revision History: V1.0 (May 23, 2022) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top