Fluid Attacks Database

Description

multiple issues

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.11	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1g-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
debian 11	openssl	=1.1.1k-1 \|\| >=0 <1.1.1k-1+deb11u1	1.1.1k-1+deb11u1
alpine v3.12	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
maven	mysql-connector-java	>=0 <=8.0.27	-
alpine v3.16	openssl	>=0 <1.1.1l-r0	1.1.1l-r0
alpine v3.19	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
alpine v3.22	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
alpine v3.15	openssl3	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
alpine v3.16	openssl3	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| =1.1.1j-r0 \|\| =1.1.1k-r0 \|\| =1.1.1k-r1 \|\| >=0 <1.1.1l-r0	1.1.1l-r0
debian 13	openssl	>=0 <1.1.1l-1	1.1.1l-1

1-10 of 30

Aliases

1. CVE-2021-37122. NVD-2021-37123. OSV-ALPINE-2021-37124. OSV-2021-37125. OSV-DEBIAN-2021-37126. GCVE-2021-37127. SECURITY-CVE-2021-37128. SECURITY-TRACKER-CVE-2021-37129. lists.debian.org10. lists.debian.org11. security.gentoo.org12. security.gentoo.org

References

1. https://www.openssl.org/news/secadv/20210824.txt2. https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c113. https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec124. https://www.debian.org/security/2021/dsa-49635. https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E6. http://www.openwall.com/lists/oss-security/2021/08/26/27. https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E8. https://security.netapp.com/advisory/ntap-20210827-0010/9. https://www.oracle.com/security-alerts/cpuoct2021.html10. https://kc.mcafee.com/corporate/index?page=content&id=SB1036611. https://www.oracle.com/security-alerts/cpujan2022.html12. https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf13. https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf14. https://www.oracle.com/security-alerts/cpuapr2022.html15. https://www.openwall.com/lists/oss-security/2021/08/26/216. https://security.netapp.com/advisory/ntap-20240621-000617. https://security.netapp.com/advisory/ntap-20210827-001018. https://rustsec.org/advisories/RUSTSEC-2021-0098.html19. https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E20. https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E21. https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec1222. https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c1123. https://cert-portal.siemens.com/productcert/html/ssa-389290.html24. https://cert-portal.siemens.com/productcert/html/ssa-244969.html25. https://cert-portal.siemens.com/productcert/html/ssa-028723.html26. https://cert-portal.siemens.com/productcert/html/ssa-019200.html

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.