QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3515

Published: Jan 12, 2023

Modified: Apr 8, 2025

PUBLISHED

Description

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

Vendor	Product	Versions
n/a	libksba	affected `Fixed in libksba v1.6.2`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2135610

https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html

https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b

https://access.redhat.com/security/cve/CVE-2022-3515

https://security.netapp.com/advisory/ntap-20230706-0008/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.