Fluid Attacks Database

Description

multiple issues

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.15	openssl	>=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.21	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.22	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
debian 13	openssl	>=0 <1.1.1j-1	1.1.1j-1
alpine v3.10	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1d-r0 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1g-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.16	openssl3	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.12	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.17	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
alpine v3.18	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| =1.1.1g-r0 \|\| =1.1.1h-r0 \|\| =1.1.1i-r0 \|\| >=0 <1.1.1j-r0	1.1.1j-r0
debian 12	openssl	>=0 <1.1.1j-1	1.1.1j-1

1-10 of 27

Aliases

1. CVE-2021-238402. NVD-2021-238403. OSV-ALPINE-2021-238404. OSV-2021-238405. OSV-DEBIAN-2021-238406. GCVE-2021-238407. SECURITY-CVE-2021-238408. SECURITY-TRACKER-CVE-2021-238409. security.gentoo.org

References

1. https://github.com/Trinadh465/openssl-1.1.1g_CVE-2021-238402. https://www.oracle.com/security-alerts/cpuoct2021.html3. https://www.oracle.com/security-alerts/cpujan2022.html4. https://www.oracle.com/security-alerts/cpuapr2022.html5. https://www.oracle.com/security-alerts/cpuApr2021.html6. https://www.oracle.com//security-alerts/cpujul2021.html7. https://www.openssl.org/news/secadv/20210216.txt8. https://www.debian.org/security/2021/dsa-48559. https://security.netapp.com/advisory/ntap-20210219-000910. https://rustsec.org/advisories/RUSTSEC-2021-0057.html11. https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E12. https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E13. https://kc.mcafee.com/corporate/index?page=content&id=SB1036614. https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA4484615. https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb216. https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc117. https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.