Vulnerability Name:

CVE-2021-23841 (CCN-196847)

Assigned:2021-02-16
Published:2021-02-16
Updated:2023-01-09
Summary:The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
CVSS v3 Severity:5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.9 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-476
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-23841

Source: openssl-security@openssl.org
Type: Mailing List, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Patch, Third Party Advisory
openssl-security@openssl.org

Source: XF
Type: UNKNOWN
openssl-cve202123841-dos(196847)

Source: openssl-security@openssl.org
Type: Patch, Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: Apple security document HT212528
About the security content of iOS 14.6 and iPadOS 14.6

Source: CCN
Type: Apple security document HT212529
About the security content of macOS Big Sur 11.4

Source: CCN
Type: Apple security document HT212534
About the security content of Safari 14.1.1

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: IBM Security Bulletin 6416707 (WIoTP MessageGateway)
OpenSSL publicly disclosed vulnerabilities affect MessageGateway (CVE-2021-23841 CVE-2021-23840)

Source: CCN
Type: IBM Security Bulletin 6427489 (Sterling Connect:Express for UNIX)
IBM Sterling Connect:Express for UNIX is Affected by Multiple Vulnerabilities in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6428997 (SDK for Node.js for Bluemix)
Multiple vulnerabilities affect IBM SDK for Node.js in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 6429433 (Rational ClearQuest)
Vulnerabilities in OpenSSL affect IBM Rational ClearQuest

Source: CCN
Type: IBM Security Bulletin 6429603 (i)
OpenSSL for IBM i is affected by CVE-2021-23840 and CVE-2021-23841

Source: CCN
Type: IBM Security Bulletin 6430719 (z/Transaction Processing Facility)
z/TPF is affected by OpenSSL vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6434197 (MQ for HPE NonStop)
IBM MQ for HP NonStop Server is affected by OpenSSL vulnerabilities CVE-2021-23839, CVE-2021-23840 and CVE-2021-23841

Source: CCN
Type: IBM Security Bulletin 6439501 (WebSphere MQ)
WebSphere MQ for HP NonStop Server is affected by multiple OpenSSL vulnerabilities CVE-2021-23839, CVE-2021-23840 and CVE-2021-23841

Source: CCN
Type: IBM Security Bulletin 6443405 (AIX)
Vulnerabilities in OpenSSL affect AIX (CVE-2021-23839, CVE-2021-23840, and CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6445489 (Spectrum Protect Backup-Archive Client)
Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2020-1971, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6452233 (Sterling Connect:Direct for HP NonStop)
Multiple OpenSSL Vulnerabilities Affect IBM Connect:Direct for HP NonStop

Source: CCN
Type: IBM Security Bulletin 6458259 (Aspera High-Speed Transfer Server (HSTS))
OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6458629 (Aspera High-Speed Transfer Server (HSTS))
OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6462927 (Rational ClearCase)
Vulnerability in OpenSSL affects IBM Rational ClearCase (CVE-2020-1971, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6472137 (Netcool/System Service Monitor)
Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors

Source: CCN
Type: IBM Security Bulletin 6475919 (Rational Rhapsody Design Manager)
Multiple vulnerabilites affect Engineering Lifecycle Management and IBM Engineering products.

Source: CCN
Type: IBM Security Bulletin 6476346 (Security Verify Gateway)
Multiple Security Vulnerabilities fixed in Openssl as shipped with IBM Security Verify products

Source: CCN
Type: IBM Security Bulletin 6479349 (Workload Scheduler)
Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler

Source: CCN
Type: IBM Security Bulletin 6479935 (MaaS360)
A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (V2.103.000.051) and Modules

Source: CCN
Type: IBM Security Bulletin 6486335 (Cloud Private)
IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6487493 (c-type SAN directors and switches)
Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.

Source: CCN
Type: IBM Security Bulletin 6490371 (Aspera Shares)
Aspera Web Applications (Shares, Console) are affected by OpenSSL Vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6491653 (Security Verify Bridge)
ultiple vulnerabilities fixed in IBM Security Verify Bridge - Docker

Source: CCN
Type: IBM Security Bulletin 6507581 (InfoSphere Master Data Management)
IBM InfoSphere Master Data Management Server vulnerability in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6538610 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container may be affected by openssl vulnerabilities CVE-2021-23840 and CVE-2021-23841

Source: CCN
Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation)
Multiple security vulnerabilities fixed in Cloud Pak for Automation components

Source: CCN
Type: IBM Security Bulletin 6557172 (Integrated Analytics System)
Vulnerability in OpenSSL affects IBM Integrated Analytics System.

Source: CCN
Type: IBM Security Bulletin 6560126 (Sterling Connect:Direct for UNIX Certified Container)
IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93

Source: CCN
Type: IBM Security Bulletin 6560154 (Flex System)
IBM RackSwitch firmware products are affected by vulnerabilities in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6560158 (Flex System)
IBM Flex System switch firmware products are affected by vulnerabilities in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6563575 (Security Guardium)
IBM Security Guardium is affected by OpenSSL denial of service vulnerabilities (CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6566041 (QRadar Network Security)
IBM QRadar Network Security is affected by denial of service vulnerabilities in OpenSSL (CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6601731 (Security Verify Access)
Multiple security vulnerabilities fixed in IBM Security Verify Access Appliance (CVE-2022-23308, CVE-2021-23840, CVE-2021-23841, CVE-2021-3712)

Source: CCN
Type: IBM Security Bulletin 6612587 (Cloud Pak System Software)
Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with IBM Cloud Pak System

Source: CCN
Type: IBM Security Bulletin 6616497 (b-type SAN directors and switches)
Vulnerability in Fabric OS firmware used by IBM b-type SAN directors and switches.

Source: CCN
Type: IBM Security Bulletin 6618941 (Aspera Faspex)
IBM Aspera Faspex 4.4.2 has addressed multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6856409 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6952327 (Aspera Orchestrator)
IBM Aspera Orchestrator affected by OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: IBM Security Bulletin 6985591 (Safer Payments)
IBM Safer Payments is vulnerable to multiple OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Source: CCN
Type: OpenSSL Security Advisory [16 February 2021]
OpenSSL Security Advisory [16 February 2021]

Source: openssl-security@openssl.org
Type: Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Patch, Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2021
Oracle Critical Patch Update Advisory - April 2021

Source: openssl-security@openssl.org
Type: Patch, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Patch, Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: openssl-security@openssl.org
Type: Patch, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 7:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*
    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:5.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:netcool/system_service_monitor:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management:11.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearquest:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_scheduler:9.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_intelligence:12.2.1.3.0::~~enterprise~~~:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_intelligence:12.2.1.4.0::~~enterprise~~~:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_connect:express:1.5.0:*:*:*:unix:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:7.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:8.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_for_hpe_nonstop:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_for_hpe_nonstop:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_console:3.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_shares:1.9.14:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_automation:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearquest:9.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearquest:9.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workload_scheduler:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_backup-archive_client:8.1.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.10.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:safer_payments:6.1.0.00:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:safer_payments:6.2.0.00:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:safer_payments:5.7.0.00:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:safer_payments:6.0.0.00:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8084
    P
    		libopenssl-1_0_0-devel-1.0.2p-150000.3.73.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7630
    P
    		libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3045
    P
    		cups-pk-helper-0.2.5-5.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3576
    P
    		libasan2-32bit-5.3.1+r233831-12.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3442
    P
    		axis-1.4-290.6.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94675
    P
    		libopenssl-1_1-devel-1.1.1l-150400.5.14 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95072
    P
    		libopenssl-1_0_0-devel-1.0.2p-3.49.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94688
    P
    		libpng16-16-1.6.34-3.9.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:170
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:102233
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:102230
    P
    		Security update for 389-ds (Important)
    2022-04-04
    oval:org.opensuse.security:def:93326
    P
    		 (Important)
    2022-03-07
    oval:org.opensuse.security:def:99216
    P
    		 (Moderate)
    2022-03-04
    oval:org.opensuse.security:def:102307
    P
    		Security update for the Linux Kernel (Important)
    2022-01-26
    oval:org.opensuse.security:def:112740
    P
    		libopenssl-1_0_0-devel-1.0.2u-6.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:112741
    P
    		libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)
    2022-01-17
    oval:com.redhat.rhsa:def:20214198
    P
    		RHSA-2021:4198: edk2 security, bug fix, and enhancement update (Moderate)
    2021-11-09
    oval:com.redhat.rhsa:def:20214424
    P
    		RHSA-2021:4424: openssl security and bug fix update (Moderate)
    2021-11-09
    oval:com.redhat.rhsa:def:20213798
    P
    		RHSA-2021:3798: openssl security update (Moderate)
    2021-10-12
    oval:org.opensuse.security:def:106212
    P
    		libopenssl-1_0_0-devel-1.0.2u-6.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:106213
    P
    		libopenssl-1_1-devel-1.1.1l-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:99416
    P
    		 (Critical)
    2021-09-20
    oval:org.opensuse.security:def:99413
    P
    		 (Important)
    2021-09-03
    oval:org.opensuse.security:def:2007
    P
    		libopenssl-1_0_0-devel-1.0.2p-3.37.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63096
    P
    		libopenssl-1_0_0-devel-1.0.2p-3.37.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:101401
    P
    		sca-patterns-sle15-1.0.1-12.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:71929
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62188
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100946
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1099
    P
    		libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:86748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31368
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:82170
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:21431
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:55874
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:51760
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:84745
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:28963
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:23772
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:58925
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:87566
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:82697
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:57191
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:85832
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:29490
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:54786
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:51191
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:32284
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:83258
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:23203
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:57571
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:86212
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:30051
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:81125
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:55313
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:33102
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:84287
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:58107
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:40677
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:38273
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:45107
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:39296
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:41652
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:43726
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:46082
    P
    		Security update for openssl (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:40693
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:42821
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:45123
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:39311
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:37536
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:43741
    P
    		Security update for openssl1 (Moderate)
    2021-03-17
    oval:org.opensuse.security:def:52025
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:49190
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:24037
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:52051
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:51178
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:24063
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:23190
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:125670
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:4753
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:111271
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:20719
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:51747
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:111275
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:23759
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:5972
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:76129
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:92665
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:69608
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:95520
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:9666
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:93023
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:99615
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:6467
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:108899
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:70005
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:67061
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:10222
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:93329
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:100126
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:70556
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:95594
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:92466
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:108973
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:67556
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:9468
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:92864
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:117896
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:69806
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:9865
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:93176
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:99814
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:70362
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:97282
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:10416
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:92266
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:89259
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:108896
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:34039
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:70002
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:67058
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:100380
    P
    		 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:97277
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:10219
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:100123
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:9105
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:126835
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:70553
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:5194
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:92463
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:125668
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:100713
    P
    		 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:97278
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:59862
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:9465
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:92861
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:88579
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:117581
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:33781
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:69803
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:73787
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:9862
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:93173
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:99811
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:8716
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:89517
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:34651
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:70359
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:97279
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:10413
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:127232
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:5969
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:52023
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:92071
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:108067
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:42157
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:76126
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:64665
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:99454
    P
    		 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:24035
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:59604
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:8910
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:92662
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:99021
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:88262
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:69605
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:26207
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:60474
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:95517
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:9663
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:93020
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:99612
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:125665
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:59859
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:88576
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:33778
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:89514
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:34648
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:127229
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:52020
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:24032
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:59601
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:88259
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:26205
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:60471
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:89256
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:34036
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:126832
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:5192
    P
    		Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    BACK
    openssl openssl 1.0.0
    openssl openssl 1.0.2
    openssl openssl 1.0.1
    openssl openssl 1.1.1
    ibm aix 7.1
    ibm rational clearcase 8.0.1
    ibm rational clearcase 8.0.0
    ibm i 7.1
    ibm i 7.2
    ibm websphere mq 5.3.1
    ibm infosphere master data management 11.5
    ibm netcool/system service monitor 4.0.1
    ibm i 7.3
    ibm aix 7.2
    ibm infosphere master data management 11.6
    ibm rational rhapsody design manager 6.0.2
    ibm rational clearquest 9.0.1
    ibm workload scheduler 9.4
    ibm rational clearcase 9.0.1
    oracle business intelligence 12.2.1.3.0
    ibm qradar network security 5.4.0
    ibm workload automation 9.4
    oracle business intelligence 12.2.1.4.0
    ibm sterling connect:express 1.5.0
    ibm qradar network security 5.5.0
    ibm i 7.4
    ibm vios 3.1
    ibm spectrum protect backup-archive client 7.1.0.0
    ibm spectrum protect backup-archive client 8.1.0.0
    ibm mq for hpe nonstop 8.1.0
    ibm mq for hpe nonstop 8.0.4
    ibm aspera console 3.4.0
    ibm aspera shares 1.9.14
    ibm security guardium 11.0
    ibm security guardium 11.1
    ibm workload automation 9.5
    ibm cloud private 3.2.1 cd
    ibm rational clearquest 9.0.0
    ibm rational clearquest 9.0.2
    ibm cloud private 3.2.2 cd
    ibm security guardium 11.2
    ibm security verify access 10.0.2.0
    ibm workload scheduler 9.5
    ibm spectrum protect backup-archive client 8.1.11.0
    ibm security guardium 11.3
    ibm cloud pak for automation 21.0.1
    ibm cloud pak for automation 21.0.2 -
    ibm security verify access 10.0.0.0
    ibm security guardium 11.4
    ibm security verify access 10.0.1.0
    ibm aspera faspex 4.4.1
    ibm security verify access 10.0.3.0
    ibm cloud pak for security 1.10.0.0
    ibm cloud pak for security 1.10.6.0
    ibm safer payments 6.1.0.00
    ibm safer payments 6.2.0.00
    ibm safer payments 5.7.0.00
    ibm safer payments 6.0.0.00