{ "document": { "aggregate_severity": { "text": "Medium" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_alt_common/debian11/vex/2022/cve-2022-1343-els_alt_common-debian11.json" } ], "tracking": { "current_release_date": "2026-06-12T16:34:33Z", "generator": { "date": "2026-06-12T16:34:33Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2022-1343-ELS_ALT_COMMON-DEBIAN11", "initial_release_date": "2022-05-03T16:15:00Z", "revision_history": [ { "date": "2022-05-03T16:15:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-06-12T16:34:33Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "Security update on CVE-2022-1343" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian 11", "product": { "name": "Debian 11", "product_id": "Debian-11", "product_identification_helper": { "cpe": "cpe:2.3:o:debian:debian_linux:11:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Debian" } ], "category": "vendor", "name": "Software in the Public Interest, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.4.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.4.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.4.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.4?arch=all&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.1.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.1.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.1.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.1?arch=all&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.2.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.2.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.2.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.2?arch=all&os_name=debian&os_version=11" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.4.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.4.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.1.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.1.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.2.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.2.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1343", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "description", "text": "The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL \"ocsp\" application. When verifying an ocsp response with the \"-no_cert_checks\" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "other", "text": "TuxCare has assessed that this vulnerability does not impact any currently supported TuxCare products. This evaluation may change as new information becomes available. For additional details regarding this vulnerability and affected products, refer to the provided references.", "title": "Statement" } ], "product_status": { "known_not_affected": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-lang/cve/CVE-2022-1343" }, { "category": "external", "summary": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20220602-0009/", "url": "https://security.netapp.com/advisory/ntap-20220602-0009/" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20220503.txt", "url": "https://www.openssl.org/news/secadv/20220503.txt" } ], "release_date": "2022-05-03T16:15:00Z", "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" }, { "category": "impact", "date": "2026-06-12T13:13:11.934206Z", "details": "moderate", "product_ids": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] } ] } ] }