{"id":"CLSA-2022-1658171496","summary":"Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068","details":"- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent\n  command injection\n- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection\n- Update expired SCT certificates","modified":"2026-05-27T11:18:29.313708630Z","published":"2022-07-18T19:11:36Z","upstream":["CVE-2022-1292","CVE-2022-2068"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.5-els/CLSA-2022-1658171496.html"}],"affected":[{"package":{"name":"openssl","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/openssl?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1k-5.el8.5.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1658171496.json"}},{"package":{"name":"openssl-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/openssl-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1k-5.el8.5.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1658171496.json"}},{"package":{"name":"openssl-libs","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/openssl-libs?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1k-5.el8.5.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1658171496.json"}},{"package":{"name":"openssl-perl","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/openssl-perl?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1k-5.el8.5.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1658171496.json"}},{"package":{"name":"openssl-static","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/openssl-static?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1k-5.el8.5.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1658171496.json"}}],"schema_version":"1.7.5"}