OpenBSD 2.2

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*

part: o version: 2.2 update: *

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenbsd (53340739-b0b7-5bcf-88ee-45d5aaf96683)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openbsd/src purl2cpe 2026-06-01 10:17:38.225315
pkg:openbsd/openbsd purl2cpe 2026-06-01 10:17:38.225316

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2011-2895 vulnerable 2026-06-08 04:58:09.433629 Details available
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
Published: 2011-08-19T17:00:00.000Z
Updated: 2024-08-06T23:15:31.486Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-2168 vulnerable 2026-06-08 04:58:04.423339 Details available
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Published: 2011-05-24T23:00:00.000Z
Updated: 2024-08-06T22:53:16.829Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-0537 vulnerable 2026-06-08 04:51:09.879250 Details available
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Published: 2009-03-09T21:00:00.000Z
Updated: 2024-08-07T04:40:03.697Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4609 vulnerable 2026-06-08 04:50:47.225839 Details available
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Published: 2008-10-20T17:00:00.000Z
Updated: 2024-08-07T10:24:20.677Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0740 vulnerable 2026-06-08 04:48:13.499397 Details available
The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout.
Published: 2005-03-13T05:00:00.000Z
Updated: 2024-08-07T21:21:06.751Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-1366 vulnerable 2026-06-08 04:47:47.418147 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0144 vulnerable 2026-06-08 04:47:20.798508 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0028 vulnerable 2026-06-08 04:47:20.305083 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-2180 vulnerable 2026-06-08 04:47:19.280830 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-2092 vulnerable 2026-06-08 04:47:19.073502 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-1915 vulnerable 2026-06-08 04:47:18.483076 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-0572 vulnerable 2026-06-08 04:46:21.739535 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-0554 vulnerable 2026-06-08 04:45:20.489419 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0914 vulnerable 2026-06-08 04:45:18.968393 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0674 vulnerable 2026-06-08 04:44:58.081407 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0323 vulnerable 2026-06-08 04:44:58.004904 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0305 vulnerable 2026-06-08 04:44:58.000542 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0304 vulnerable 2026-06-08 04:44:58.000134 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0303 vulnerable 2026-06-08 04:44:57.999603 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-1999-0052 vulnerable 2026-06-08 04:44:57.920669 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.