Fluid Attacks Database

Description

denial of service

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.19	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
maven	mysql-connector-java	>=0 <=8.0.20	-
alpine v3.18	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.9	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1d-r0 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.17	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.15	openssl3	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.22	openssl	=1.1.1-r0 \|\| =1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.12	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.13	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0
alpine v3.14	openssl	=1.1.1-r1 \|\| =1.1.1-r2 \|\| =1.1.1-r3 \|\| =1.1.1-r4 \|\| =1.1.1-r5 \|\| =1.1.1a-r0 \|\| =1.1.1a-r1 \|\| =1.1.1b-r0 \|\| =1.1.1b-r1 \|\| =1.1.1c-r0 \|\| =1.1.1c-r1 \|\| =1.1.1d-r1 \|\| =1.1.1d-r2 \|\| =1.1.1d-r3 \|\| =1.1.1d-r4 \|\| =1.1.1d-r5 \|\| =1.1.1e-r0 \|\| =1.1.1f-r0 \|\| >=0 <1.1.1g-r0	1.1.1g-r0

1-10 of 26

Aliases

1. CVE-2020-19672. NVD-2020-19673. OSV-ALPINE-2020-19674. OSV-2020-19675. OSV-DEBIAN-2020-19676. GCVE-2020-19677. SECURITY-CVE-2020-19678. SECURITY-TRACKER-CVE-2020-19679. security.gentoo.org

References

1. https://github.com/irsl/CVE-2020-19672. http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html3. https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b14. https://www.openssl.org/news/secadv/20200421.txt5. https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL6. https://www.synology.com/security/advisory/Synology_SA_20_057. https://www.oracle.com/security-alerts/cpuoct2021.html8. https://www.oracle.com/security-alerts/cpuoct2020.html9. https://www.oracle.com/security-alerts/cpujul2020.html10. https://www.oracle.com/security-alerts/cpujan2021.html11. https://www.oracle.com/security-alerts/cpuApr2021.html12. https://www.oracle.com//security-alerts/cpujul2021.html13. https://www.debian.org/security/2020/dsa-466114. https://security.netapp.com/advisory/ntap-20200717-000415. https://security.netapp.com/advisory/ntap-20200424-000316. https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc17. https://rustsec.org/advisories/RUSTSEC-2020-0015.html18. https://lists.fedoraproject.org/archives/list/[email protected]/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO19. https://lists.fedoraproject.org/archives/list/[email protected]/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD20. https://lists.fedoraproject.org/archives/list/[email protected]/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY21. https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E22. https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E23. https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E24. https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA4444025. http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html26. http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html27. http://seclists.org/fulldisclosure/2020/May/528. http://www.openwall.com/lists/oss-security/2020/04/22/2

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.