CVE-2022-40617

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-40617
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40617.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-40617
Downstream
Related
Published
2022-10-31T06:15:09.887Z
Modified
2026-02-16T02:08:09.682863Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.

References

Affected packages

Git / github.com/wordpress/wordpress-develop

Affected ranges

Type
GIT
Repo
https://github.com/wordpress/wordpress-develop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e5bce454ec3f1d6035b173de7391111956f69813
Introduced
0814d39e7428e84792b329276b25762c092fde0f
Fixed
de37d941284686bda04e59eba25deedc07c83ebc
Introduced
15c7abfa4c263a376ec998ff2935429195f25b33
Fixed
7c76a1b79e21176b176b5b6d6b03151f8eea4b55

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40617.json"