[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-4450":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":24,"downstream":25,"duplicates":72,"related":73,"reserved_at":9,"published_at":89,"modified_at":90,"state":91,"summary":92,"references_raw":101,"kevs":141,"epss":142,"epss_history":145,"metrics":417,"affected":427},"CVE-2022-4450","The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and\ndecodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data.\nIf the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are\npopulated with pointers to buffers containing the relevant decoded data. The\ncaller is responsible for freeing those buffers. It is possible to construct a\nPEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex()\nwill return a failure code but will populate the header argument with a pointer\nto a buffer that has already been freed. If the caller also frees this buffer\nthen a double free will occur. This will most likely lead to a crash. This\ncould be exploited by an attacker who has the ability to supply malicious PEM\nfiles for parsing to achieve a denial of service attack.\n\nThe functions PEM_read_bio() and PEM_read() are simple wrappers around\nPEM_read_bio_ex() and therefore these functions are also directly affected.\n\nThese functions are also called indirectly by a number of other OpenSSL\nfunctions including PEM_X509_INFO_read_bio_ex() and\nSSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal\nuses of these functions are not vulnerable because the caller does not free the\nheader argument if PEM_read_bio_ex() returns a failure code. These locations\ninclude the PEM_read_bio_TYPE() functions as well as the decoders introduced in\nOpenSSL 3.0.\n\nThe OpenSSL asn1parse command line application is also impacted by this issue.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-415","Double Free","The product calls free() twice on the same memory address.","weakness","Draft","Variant","High",[],[],[22,23],"GHSA-v5w6-wcm8-jm4q","RUSTSEC-2023-0010",[],[26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70],{"_key":27},"ALPINE-CVE-2022-4450",{"_key":29},"RHSA-2023:1405",{"_key":31},"RHSA-2023:2932",{"_key":33},"RHSA-2023:3408",{"_key":35},"SUSE-SU-2023:0309-1",{"_key":37},"SUSE-SU-2023:0310-1",{"_key":39},"SUSE-SU-2023:0311-1",{"_key":41},"SUSE-SU-2023:0312-1",{"_key":43},"OPENSUSE-SU-2024:12688-1",{"_key":45},"OPENSUSE-SU-2024:12716-1",{"_key":47},"DLA-3325-1",{"_key":49},"DSA-5343-1",{"_key":51},"RHSA-2023:3420",{"_key":53},"RHSA-2023:0946",{"_key":55},"RHSA-2023:1199",{"_key":57},"RHSA-2023:3354",{"_key":59},"MGASA-2023-0130",{"_key":61},"UBUNTU-CVE-2022-4450",{"_key":63},"USN-5844-1",{"_key":65},"USN-6564-1",{"_key":67},"DEBIAN-CVE-2022-4450",{"_key":69},"RHSA-2023:2165",{"_key":71},"USN-7894-1",[],[74,75,76,77,78,79,80,81,83,85,87],{"_key":59},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":82},"CGA-F5Q3-H8CQ-C984",{"_key":84},"CGA-H63G-4952-PF64",{"_key":86},"CGA-R652-V7WG-M439",{"_key":88},"CGA-WCHX-98RM-H72V","2023-02-08T19:04:04.874Z","2025-11-04T19:14:13.257Z","Modified",{"cisa_kev":93,"cisa_ransomware":93,"cisa_vendor":9,"epss_severity":94,"epss_score":95,"severity":96,"severity_score":97,"severity_version":98,"severity_source":99,"severity_vector":100,"severity_status":91},false,"low",0.00147,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[102,110,115,119,123,127,132,136],{"url":103,"sources":104,"tags":107},"https://www.openssl.org/news/secadv/20230207.txt",[99,105,106],"nvd","osv_crates.io",[108,109],"Vendor Advisory","WEB",{"url":111,"sources":112,"tags":113},"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83",[99,105,106],[114,108,109],"Patch",{"url":116,"sources":117,"tags":118},"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b",[99,105,106],[114,108,109],{"url":120,"sources":121,"tags":122},"https://security.gentoo.org/glsa/202402-08",[99,105,106],[109],{"url":124,"sources":125,"tags":126},"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003",[99,105,106],[109],{"url":128,"sources":129,"tags":130},"https://nvd.nist.gov/vuln/detail/CVE-2022-4450",[106],[131],"Advisory",{"url":133,"sources":134,"tags":135},"https://rustsec.org/advisories/RUSTSEC-2023-0010.html",[106],[109,131],{"url":137,"sources":138,"tags":139},"https://crates.io/crates/openssl-src",[106],[140],"PACKAGE",[],{"date":143,"score":95,"percentile":144},"2026-06-04",0.3487,[146,150,154,157,160,163,166,169,172,175,178,181,184,187,190,194,197,200,204,207,210,213,216,218,221,224,227,230,233,236,239,242,246,248,251,254,257,260,263,266,269,272,275,278,281,285,288,291,294,296,299,302,305,308,311,314,317,320,322,325,328,331,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,379,382,385,388,391,394,396,399,402,405,408,411,414],{"date":147,"score":148,"percentile":149},"2025-11-04",0.00129,0.33118,{"date":151,"score":152,"percentile":153},"2025-11-05",0.00131,0.33439,{"date":155,"score":152,"percentile":156},"2025-11-06",0.33438,{"date":158,"score":152,"percentile":159},"2025-11-07",0.33454,{"date":161,"score":152,"percentile":162},"2025-11-08",0.33453,{"date":164,"score":152,"percentile":165},"2025-11-09",0.33429,{"date":167,"score":152,"percentile":168},"2025-11-10",0.33375,{"date":170,"score":152,"percentile":171},"2025-11-11",0.334,{"date":173,"score":152,"percentile":174},"2025-11-12",0.33446,{"date":176,"score":152,"percentile":177},"2025-11-13",0.3346,{"date":179,"score":152,"percentile":180},"2025-11-14",0.33465,{"date":182,"score":152,"percentile":183},"2025-11-15",0.33464,{"date":185,"score":152,"percentile":186},"2025-11-16",0.33434,{"date":188,"score":152,"percentile":189},"2025-11-17",0.33405,{"date":191,"score":192,"percentile":193},"2025-11-18",0.01522,0.79674,{"date":195,"score":192,"percentile":196},"2025-11-19",0.79679,{"date":198,"score":192,"percentile":199},"2025-11-20",0.79686,{"date":201,"score":202,"percentile":203},"2025-11-21",0.00118,0.31412,{"date":205,"score":202,"percentile":206},"2025-11-22",0.31421,{"date":208,"score":202,"percentile":209},"2025-11-23",0.31395,{"date":211,"score":202,"percentile":212},"2025-11-24",0.31373,{"date":214,"score":202,"percentile":215},"2025-11-25",0.31369,{"date":217,"score":202,"percentile":215},"2025-11-26",{"date":219,"score":202,"percentile":220},"2025-11-27",0.31382,{"date":222,"score":202,"percentile":223},"2025-11-28",0.31363,{"date":225,"score":202,"percentile":226},"2025-11-29",0.31348,{"date":228,"score":202,"percentile":229},"2025-11-30",0.31324,{"date":231,"score":202,"percentile":232},"2025-12-01",0.31399,{"date":234,"score":202,"percentile":235},"2025-12-02",0.31427,{"date":237,"score":202,"percentile":238},"2025-12-03",0.31426,{"date":240,"score":152,"percentile":241},"2025-12-04",0.33335,{"date":243,"score":244,"percentile":245},"2025-12-05",0.0014,0.34676,{"date":247,"score":244,"percentile":245},"2025-12-06",{"date":249,"score":244,"percentile":250},"2025-12-07",0.34649,{"date":252,"score":244,"percentile":253},"2025-12-08",0.34662,{"date":255,"score":244,"percentile":256},"2025-12-09",0.34701,{"date":258,"score":244,"percentile":259},"2025-12-10",0.34748,{"date":261,"score":244,"percentile":262},"2025-12-11",0.3477,{"date":264,"score":244,"percentile":265},"2025-12-12",0.348,{"date":267,"score":244,"percentile":268},"2025-12-13",0.34782,{"date":270,"score":244,"percentile":271},"2025-12-14",0.34755,{"date":273,"score":244,"percentile":274},"2025-12-15",0.34712,{"date":276,"score":244,"percentile":277},"2025-12-16",0.34737,{"date":279,"score":244,"percentile":280},"2025-12-17",0.3479,{"date":282,"score":283,"percentile":284},"2025-12-18",0.00126,0.3282,{"date":286,"score":283,"percentile":287},"2025-12-19",0.32846,{"date":289,"score":244,"percentile":290},"2025-12-20",0.3484,{"date":292,"score":244,"percentile":293},"2025-12-21",0.34783,{"date":295,"score":244,"percentile":271},"2025-12-22",{"date":297,"score":244,"percentile":298},"2025-12-23",0.34751,{"date":300,"score":244,"percentile":301},"2025-12-24",0.34741,{"date":303,"score":244,"percentile":304},"2025-12-25",0.34805,{"date":306,"score":244,"percentile":307},"2025-12-26",0.34787,{"date":309,"score":283,"percentile":310},"2025-12-27",0.32816,{"date":312,"score":244,"percentile":313},"2025-12-28",0.34703,{"date":315,"score":244,"percentile":316},"2025-12-29",0.34668,{"date":318,"score":244,"percentile":319},"2025-12-30",0.3466,{"date":321,"score":244,"percentile":274},"2025-12-31",{"date":323,"score":244,"percentile":324},"2026-01-01",0.34864,{"date":326,"score":244,"percentile":327},"2026-01-02",0.34855,{"date":329,"score":244,"percentile":330},"2026-01-03",0.34838,{"date":332,"score":244,"percentile":333},"2026-01-04",0.34689,{"date":335,"score":244,"percentile":336},"2026-01-05",0.34673,{"date":338,"score":244,"percentile":339},"2026-01-06",0.34685,{"date":341,"score":244,"percentile":342},"2026-01-07",0.34702,{"date":344,"score":244,"percentile":345},"2026-01-08",0.34729,{"date":347,"score":244,"percentile":348},"2026-01-09",0.34723,{"date":350,"score":244,"percentile":351},"2026-01-10",0.34728,{"date":353,"score":244,"percentile":354},"2026-01-11",0.34709,{"date":356,"score":244,"percentile":357},"2026-01-12",0.3465,{"date":359,"score":244,"percentile":360},"2026-01-13",0.34632,{"date":362,"score":244,"percentile":363},"2026-01-14",0.34671,{"date":365,"score":244,"percentile":366},"2026-01-15",0.34661,{"date":368,"score":244,"percentile":369},"2026-01-16",0.34679,{"date":371,"score":244,"percentile":372},"2026-01-17",0.34664,{"date":374,"score":283,"percentile":375},"2026-01-18",0.32619,{"date":377,"score":283,"percentile":378},"2026-01-19",0.32586,{"date":380,"score":283,"percentile":381},"2026-01-20",0.32567,{"date":383,"score":283,"percentile":384},"2026-01-21",0.32525,{"date":386,"score":283,"percentile":387},"2026-01-22",0.32493,{"date":389,"score":283,"percentile":390},"2026-01-23",0.32555,{"date":392,"score":283,"percentile":393},"2026-01-24",0.32563,{"date":395,"score":283,"percentile":387},"2026-01-25",{"date":397,"score":244,"percentile":398},"2026-01-26",0.34413,{"date":400,"score":244,"percentile":401},"2026-01-27",0.34407,{"date":403,"score":244,"percentile":404},"2026-01-28",0.34386,{"date":406,"score":244,"percentile":407},"2026-01-29",0.34348,{"date":409,"score":244,"percentile":410},"2026-01-30",0.34335,{"date":412,"score":244,"percentile":413},"2026-01-31",0.34345,{"date":415,"score":244,"percentile":416},"2026-02-01",0.34441,[418,423,425],{"source":99,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":419,"cvss_v4_0":9},{"baseScore":97,"baseSeverity":420,"vectorString":100,"impactScore":421,"exploitabilityScore":422},"HIGH",6,10,{"source":105,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":424,"cvss_v4_0":9},{"baseScore":97,"baseSeverity":420,"vectorString":100,"impactScore":421,"exploitabilityScore":422},{"source":106,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":426,"cvss_v4_0":9},{"baseScore":97,"baseSeverity":9,"vectorString":100,"impactScore":421,"exploitabilityScore":422},[428,444,456],{"ecosystem":429,"name":430,"vendor":429,"product":430,"cpe_part":9,"purl_type":431,"purl_namespace":9,"purl_name":430,"source":9,"versions":432},"Crates.Io","openssl-src","cargo",[433,439],{"version":434,"is_range":435,"range_type":436,"version_start":9,"version_start_type":9,"version_end":437,"version_end_type":438,"fixed_in":9},"lt111_25_0",true,"semver","111.25.0","excluding",{"version":440,"is_range":435,"range_type":436,"version_start":441,"version_start_type":442,"version_end":443,"version_end_type":438,"fixed_in":9},"gte300_0_0_lt300_0_12","300.0.0","including","300.0.12",{"ecosystem":9,"name":445,"vendor":9,"product":445,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"OpenSSL",[447,452],{"version":448,"is_range":435,"range_type":449,"version_start":450,"version_start_type":442,"version_end":451,"version_end_type":438,"fixed_in":9},"gte1.1.1_lt1.1.1t","cpe","1.1.1","1.1.1t",{"version":453,"is_range":435,"range_type":449,"version_start":454,"version_start_type":442,"version_end":455,"version_end_type":438,"fixed_in":9},"gte3.0.0_lt3.0.8","3.0.0","3.0.8",{"ecosystem":9,"name":457,"vendor":458,"product":459,"cpe_part":460,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":461},"StormShield Network Security","stormshield","stormshield network security","a",[462,466],{"version":463,"is_range":435,"range_type":449,"version_start":464,"version_start_type":442,"version_end":465,"version_end_type":438,"fixed_in":9},"gte4.0.0_lt4.3.16","4.0.0","4.3.16",{"version":467,"is_range":435,"range_type":449,"version_start":468,"version_start_type":442,"version_end":469,"version_end_type":438,"fixed_in":9},"gte4.4.0_lt4.6.3","4.4.0","4.6.3"]