{"id":"ALPINE-CVE-2022-3602","details":"A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).","modified":"2025-12-03T22:49:29.680146Z","published":"2022-11-01T18:15:10.983Z","upstream":["CVE-2022-3602"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2022-3602"}],"affected":[{"package":{"name":"nodejs","ecosystem":"Alpine:v3.17","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"versions":["10.13.0-r0","10.14.0-r0","10.14.1-r0","10.14.2-r0","10.15.1-r0","10.15.3-r0","10.16.0-r0","10.16.1-r0","10.16.2-r0","10.16.3-r0","12.13.0-r0","12.13.0-r1","12.13.1-r0","12.14.0-r0","12.14.1-r0","12.15.0-r0","12.15.0-r1","12.15.0-r2","12.16.2-r0","12.16.3-r0","12.16.3-r1","12.17.0-r0","12.18.0-r0","12.18.0-r1","12.18.0-r2","12.18.2-r0","12.18.3-r0","12.18.4-r0","12.19.0-r0","14.15.1-r0","14.15.3-r0","14.15.3-r1","14.15.3-r2","14.15.4-r0","14.15.5-r0","14.16.0-r0","14.16.0-r1","14.16.1-r0","14.16.1-r1","14.16.1-r2","14.17.0-r0","14.17.1-r0","14.17.2-r0","14.17.3-r0","14.17.4-r0","14.17.5-r0","14.17.6-r0","14.17.6-r1","14.18.0-r0","14.18.1-r0","14.18.1-r1","16.13.0-r0","16.13.1-r0","16.13.1-r1","16.13.2-r0","16.13.2-r1","16.14.2-r0","16.14.2-r1","16.15.0-r0","16.15.0-r1","16.16.0-r0","16.16.0-r1","16.17.0-r0","16.17.1-r0","16.18.0-r0","16.18.0-r1","18.12.0-r0","4.4.3-r0","4.4.4-r0","4.4.5-r0","4.4.7-r0","4.5.0-r0","6.10.0-r0","6.10.1-r0","6.10.3-r0","6.11.0-r0","6.11.1-r0","6.11.1-r1","6.11.1-r2","6.11.2-r0","6.11.3-r0","6.11.4-r0","6.11.5-r0","6.9.1-r0","6.9.1-r1","6.9.2-r0","6.9.4-r0","6.9.4-r1","6.9.5-r0","6.9.5-r1","8.10.0-r0","8.11.0-r0","8.11.0-r1","8.11.1-r0","8.11.1-r1","8.11.1-r2","8.11.2-r0","8.11.3-r0","8.11.3-r1","8.11.3-r2","8.11.3-r3","8.11.4-r0","8.12.0-r0","8.9.0-r0","8.9.1-r0","8.9.2-r0","8.9.3-r0","8.9.3-r1","8.9.4-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.18","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"versions":["10.13.0-r0","10.14.0-r0","10.14.1-r0","10.14.2-r0","10.15.1-r0","10.15.3-r0","10.16.0-r0","10.16.1-r0","10.16.2-r0","10.16.3-r0","12.13.0-r0","12.13.0-r1","12.13.1-r0","12.14.0-r0","12.14.1-r0","12.15.0-r0","12.15.0-r1","12.15.0-r2","12.16.2-r0","12.16.3-r0","12.16.3-r1","12.17.0-r0","12.18.0-r0","12.18.0-r1","12.18.0-r2","12.18.2-r0","12.18.3-r0","12.18.4-r0","12.19.0-r0","14.15.1-r0","14.15.3-r0","14.15.3-r1","14.15.3-r2","14.15.4-r0","14.15.5-r0","14.16.0-r0","14.16.0-r1","14.16.1-r0","14.16.1-r1","14.16.1-r2","14.17.0-r0","14.17.1-r0","14.17.2-r0","14.17.3-r0","14.17.4-r0","14.17.5-r0","14.17.6-r0","14.17.6-r1","14.18.0-r0","14.18.1-r0","14.18.1-r1","16.13.0-r0","16.13.1-r0","16.13.1-r1","16.13.2-r0","16.13.2-r1","16.14.2-r0","16.14.2-r1","16.15.0-r0","16.15.0-r1","16.16.0-r0","16.16.0-r1","16.17.0-r0","16.17.1-r0","16.18.0-r0","16.18.0-r1","18.12.0-r0","4.4.3-r0","4.4.4-r0","4.4.5-r0","4.4.7-r0","4.5.0-r0","6.10.0-r0","6.10.1-r0","6.10.3-r0","6.11.0-r0","6.11.1-r0","6.11.1-r1","6.11.1-r2","6.11.2-r0","6.11.3-r0","6.11.4-r0","6.11.5-r0","6.9.1-r0","6.9.1-r1","6.9.2-r0","6.9.4-r0","6.9.4-r1","6.9.5-r0","6.9.5-r1","8.10.0-r0","8.11.0-r0","8.11.0-r1","8.11.1-r0","8.11.1-r1","8.11.1-r2","8.11.2-r0","8.11.3-r0","8.11.3-r1","8.11.3-r2","8.11.3-r3","8.11.4-r0","8.12.0-r0","8.9.0-r0","8.9.1-r0","8.9.2-r0","8.9.3-r0","8.9.3-r1","8.9.4-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"versions":["10.13.0-r0","10.14.0-r0","10.14.1-r0","10.14.2-r0","10.15.1-r0","10.15.3-r0","10.16.0-r0","10.16.1-r0","10.16.2-r0","10.16.3-r0","12.13.0-r0","12.13.0-r1","12.13.1-r0","12.14.0-r0","12.14.1-r0","12.15.0-r0","12.15.0-r1","12.15.0-r2","12.16.2-r0","12.16.3-r0","12.16.3-r1","12.17.0-r0","12.18.0-r0","12.18.0-r1","12.18.0-r2","12.18.2-r0","12.18.3-r0","12.18.4-r0","12.19.0-r0","14.15.1-r0","14.15.3-r0","14.15.3-r1","14.15.3-r2","14.15.4-r0","14.15.5-r0","14.16.0-r0","14.16.0-r1","14.16.1-r0","14.16.1-r1","14.16.1-r2","14.17.0-r0","14.17.1-r0","14.17.2-r0","14.17.3-r0","14.17.4-r0","14.17.5-r0","14.17.6-r0","14.17.6-r1","14.18.0-r0","14.18.1-r0","14.18.1-r1","16.13.0-r0","16.13.1-r0","16.13.1-r1","16.13.2-r0","16.13.2-r1","16.14.2-r0","16.14.2-r1","16.15.0-r0","16.15.0-r1","16.16.0-r0","16.16.0-r1","16.17.0-r0","16.17.1-r0","16.18.0-r0","16.18.0-r1","18.12.0-r0","4.4.3-r0","4.4.4-r0","4.4.5-r0","4.4.7-r0","4.5.0-r0","6.10.0-r0","6.10.1-r0","6.10.3-r0","6.11.0-r0","6.11.1-r0","6.11.1-r1","6.11.1-r2","6.11.2-r0","6.11.3-r0","6.11.4-r0","6.11.5-r0","6.9.1-r0","6.9.1-r1","6.9.2-r0","6.9.4-r0","6.9.4-r1","6.9.5-r0","6.9.5-r1","8.10.0-r0","8.11.0-r0","8.11.0-r1","8.11.1-r0","8.11.1-r1","8.11.1-r2","8.11.2-r0","8.11.3-r0","8.11.3-r1","8.11.3-r2","8.11.3-r3","8.11.4-r0","8.12.0-r0","8.9.0-r0","8.9.1-r0","8.9.2-r0","8.9.3-r0","8.9.3-r1","8.9.4-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"versions":["10.13.0-r0","10.14.0-r0","10.14.1-r0","10.14.2-r0","10.15.1-r0","10.15.3-r0","10.16.0-r0","10.16.1-r0","10.16.2-r0","10.16.3-r0","12.13.0-r0","12.13.0-r1","12.13.1-r0","12.14.0-r0","12.14.1-r0","12.15.0-r0","12.15.0-r1","12.15.0-r2","12.16.2-r0","12.16.3-r0","12.16.3-r1","12.17.0-r0","12.18.0-r0","12.18.0-r1","12.18.0-r2","12.18.2-r0","12.18.3-r0","12.18.4-r0","12.19.0-r0","14.15.1-r0","14.15.3-r0","14.15.3-r1","14.15.3-r2","14.15.4-r0","14.15.5-r0","14.16.0-r0","14.16.0-r1","14.16.1-r0","14.16.1-r1","14.16.1-r2","14.17.0-r0","14.17.1-r0","14.17.2-r0","14.17.3-r0","14.17.4-r0","14.17.5-r0","14.17.6-r0","14.17.6-r1","14.18.0-r0","14.18.1-r0","14.18.1-r1","16.13.0-r0","16.13.1-r0","16.13.1-r1","16.13.2-r0","16.13.2-r1","16.14.2-r0","16.14.2-r1","16.15.0-r0","16.15.0-r1","16.16.0-r0","16.16.0-r1","16.17.0-r0","16.17.1-r0","16.18.0-r0","16.18.0-r1","18.12.0-r0","4.4.3-r0","4.4.4-r0","4.4.5-r0","4.4.7-r0","4.5.0-r0","6.10.0-r0","6.10.1-r0","6.10.3-r0","6.11.0-r0","6.11.1-r0","6.11.1-r1","6.11.1-r2","6.11.2-r0","6.11.3-r0","6.11.4-r0","6.11.5-r0","6.9.1-r0","6.9.1-r1","6.9.2-r0","6.9.4-r0","6.9.4-r1","6.9.5-r0","6.9.5-r1","8.10.0-r0","8.11.0-r0","8.11.0-r1","8.11.1-r0","8.11.1-r1","8.11.1-r2","8.11.2-r0","8.11.3-r0","8.11.3-r1","8.11.3-r2","8.11.3-r3","8.11.4-r0","8.12.0-r0","8.9.0-r0","8.9.1-r0","8.9.2-r0","8.9.3-r0","8.9.3-r1","8.9.4-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"nodejs","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/nodejs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.12.1-r0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.17","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.18","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.5-r2","3.0.5-r3","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl3","ecosystem":"Alpine:v3.15","purl":"pkg:apk/alpine/openssl3?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}},{"package":{"name":"openssl3","ecosystem":"Alpine:v3.16","purl":"pkg:apk/alpine/openssl3?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.7-r0"}]}],"versions":["1.1.1-r0","1.1.1-r1","1.1.1-r2","1.1.1-r3","1.1.1-r4","1.1.1-r5","1.1.1a-r0","1.1.1a-r1","1.1.1b-r0","1.1.1b-r1","1.1.1c-r0","1.1.1c-r1","1.1.1d-r1","1.1.1d-r2","1.1.1d-r3","1.1.1d-r4","1.1.1d-r5","1.1.1e-r0","1.1.1f-r0","1.1.1g-r0","1.1.1h-r0","1.1.1i-r0","1.1.1j-r0","1.1.1k-r0","1.1.1k-r1","1.1.1l-r0","3.0.0-r0","3.0.0-r1","3.0.0-r2","3.0.0-r3","3.0.0-r4","3.0.1-r0","3.0.1-r1","3.0.2-r0","3.0.3-r0","3.0.5-r0","3.0.5-r1","3.0.6-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-3602.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}