CVE-2022-3786
X.509 Email Address Variable Length Buffer Overflow
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
We have discovered 3,635 live websites that are affected by CVE-2022-3786.
Affected Software
| Product |  OpenSSL |
| Category | Web Server Extensions |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 30 |
| Vulnerable Domains | 3,635 live websites (0.33% of OpenSSL install base) |
Details
- Published - Nov 1, 2022
- Updated - Nov 4, 2022
Credits
- Viktor Dukhovni (finder)
CVE References
CWE References
Countries
 United States | 1,020 websites |
 Germany | 530 websites |
 Finland | 339 websites |
 Italy | 194 websites |
 Japan | 146 websites |
 Netherlands | 94 websites |
 Singapore | 89 websites |
 Russia | 85 websites |
 France | 78 websites |
 Denmark | 78 websites |
TLDs
| .com | 1,121 websites |
| .org | 291 websites |
| .fi | 257 websites |
| .net | 246 websites |
| .de | 235 websites |
| .it | 148 websites |
| .io | 81 websites |
| .dk | 75 websites |
| .ru | 68 websites |
| .edu | 64 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redReferences
- https://www.openssl.org/news/secadv/20221101.txt
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
Websites affected by CVE-2022-3786
Top websites that are affected by CVE-2022-3786. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***.eu | Germany | **,*** | |
| ***.***.eu | Germany | **,*** | |
| ***.*****.es |  Spain | **,*** | |
| *****.******************.com | United States | **,*** | |
| ****.****.org | United States | **,*** | |
| ***.tm |  Turkmenistan | **,*** | |
| ********.com | United States | **,*** | |
| ********.org | United States | ***,*** | |
| ****.****.org | Germany | ***,*** | |
| *****************.com | United States | ***,*** |