CVE-2021-23840

{"id": "CVE-2021-23840", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-02-16T17:15:13.300", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1", "source": "openssl-security@openssl.org"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2", "source": "openssl-security@openssl.org"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "source": "openssl-security@openssl.org"}, {"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "source": "openssl-security@openssl.org"}, {"url": "https://security.gentoo.org/glsa/202103-03", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://security.netapp.com/advisory/ntap-20210219-0009/", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.debian.org/security/2021/dsa-4855", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.openssl.org/news/secadv/20210216.txt", "tags": ["Vendor Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.tenable.com/security/tns-2021-03", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.tenable.com/security/tns-2021-09", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.tenable.com/security/tns-2021-10", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)."}, {"lang": "es", "value": "Las llamadas a EVP_CipherUpdate, EVP_EncryptUpdate y EVP_DecryptUpdate, pueden desbordar el argumento de la longitud de salida en algunos casos en los que la longitud de entrada est\u00e1 cerca de la longitud m\u00e1xima permitida para un entero en la plataforma. En tales casos, el valor de retorno de la llamada a la funci\u00f3n ser\u00e1 1 (indicando success), pero el valor de la longitud de salida ser\u00e1 negativo. Esto podr\u00eda causar que las aplicaciones se comporten de forma incorrecta o se bloqueen. Las versiones de OpenSSL 1.1.1i e inferiores est\u00e1n afectadas por este problema. Los usuarios de estas versiones deber\u00edan actualizar a OpenSSL versi\u00f3n 1.1.1j. Las versiones de OpenSSL 1.0.2x e inferiores est\u00e1n afectadas por este problema. Sin embargo, OpenSSL versi\u00f3n 1.0.2 est\u00e1 fuera de soporte y ya no recibe actualizaciones p\u00fablicas. Los clientes con soporte Premium de OpenSSL versi\u00f3n 1.0.2 deben actualizar a la versi\u00f3n 1.0.2y. Los dem\u00e1s usuarios deben actualizar a la versi\u00f3n 1.1.1j. Corregido en OpenSSL versi\u00f3n 1.1.1j (Afect\u00f3 versiones 1.1.1-1.1.1i). Corregido en OpenSSL versi\u00f3n 1.0.2y (Afect\u00f3 versiones 1.0.2-1.0.2x)"}], "lastModified": "2023-11-07T03:30:55.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F12DBEEA-AAB3-4383-A3E2-F865B960BA07", "versionEndExcluding": "1.0.2y", "versionStartIncluding": "1.0.2"}, {"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90147138-26F0-42CF-A1DB-BE1853885CA6", "versionEndExcluding": "1.1.1j", "versionStartIncluding": "1.1.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2D529D0-539D-4540-B70C-230D09A87572", "versionEndExcluding": "6.0.8"}, {"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "657682A0-54D5-4DC6-A98E-8BAF685926C4"}, {"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458"}, {"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8661D361-71B5-4C41-A818-C89EC551D900"}, {"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "253603DC-2D92-442A-B3A8-A63E14D8A070"}, {"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4"}, {"criteria": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "B602F9E8-1580-436C-A26D-6E6F8121A583"}, {"criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "77C3DD16-1D81-40E1-B312-50FBD275507C"}, {"criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "81DAC8C0-D342-44B5-9432-6B88D389584F"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61516569-C48F-4362-B334-8CA10EDB0EC2"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A"}, {"criteria": "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "058C7C4B-D692-49DE-924A-C2725A8162D3"}, {"criteria": "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "0F0434A5-F2A1-4973-917C-A95F2ABE97D1"}, {"criteria": "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "96DD93E0-274E-4C36-99F3-EEF085E57655"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982", "versionEndExcluding": "9.2.6.0"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B1CAD50-749F-4ADB-A046-BF3585677A58"}, {"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9E14DE8-29C1-4C0C-9B31-2E3A11EE68E4", "versionEndExcluding": "5.7.33"}, {"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBE10671-5C91-4ACF-ABD2-255E9F2F9D79", "versionEndExcluding": "8.0.23", "versionStartIncluding": "8.0.15"}, {"criteria": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D04565AE-D092-4AE0-8FEE-0E8114662A1B", "versionEndExcluding": "20.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A30F7908-5AF6-4761-BC6A-4C18EFAE48E5", "versionEndExcluding": "5.10.0"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F30D3AF-4FA3-4B7A-BE04-C24E2EA19A95"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B00DDE7-7002-45BE-8EDE-65D964922CB0"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB88C165-BB24-49FB-AAF6-087A766D5AD1"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF806B52-DAD5-4D12-8BB6-3CBF9DC6B8DF"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DE847E0-431D-497D-9C57-C4E59749F6A0"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46385384-5561-40AA-9FDE-A2DE4FDFAD3E"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7CA7CA6-7CF2-48F6-81B5-69BA0A37EF4E"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E4E5481-1070-4E1F-8679-1985DE4E785A"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9EEA681-67FF-43B3-8610-0FA17FD279E5"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C33BA8EA-793D-4E79-BE9C-235ACE717216"}, {"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "823DBE80-CB8D-4981-AE7C-28F3FDD40451"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E63B7B2-409A-476E-BA12-2A2D2F3B85DE", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADB5D4C9-DA14-4188-9181-17336F9445F6", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90B7CFBF-761C-4EAA-A322-EF5E294AADED", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E74AAF52-1388-4BD9-B17B-3A6A32CA3608", "versionEndExcluding": "xcp2410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A107698C-9C63-44A9-8A2B-81EDD5702B4C", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FC0460E-4695-44FB-99EE-28B2C957B760", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD54A092-85A7-4459-9C69-19E6E24AC24B", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F813DBC-BA1E-4C73-AA11-1BD3F9508372", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "416B805F-799A-4466-AC5A-93D083A2ABBD", "versionEndExcluding": "xcp3110"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "25A3180B-21AF-4010-9DAB-41ADFD2D8031", "versionEndIncluding": "10.12.0", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "67D64118-C228-41AF-8193-F90A772AAB8E", "versionEndExcluding": "10.24.0", "versionStartIncluding": "10.13.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "564ED5C8-50D7-413A-B88E-E62B6C07336A", "versionEndIncluding": "12.12.0", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F1D6CFAA-BEDB-40EB-BDE6-35BBA99F0BB4", "versionEndExcluding": "12.21.0", "versionStartIncluding": "12.13.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "428DCD7B-6F66-4F18-B780-5BD80143D482", "versionEndIncluding": "14.14.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "E640EA36-17B2-4745-A831-AB8655F3579D", "versionEndExcluding": "15.10.0", "versionStartIncluding": "15.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:14.15.0:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "0425023F-CA30-4447-AD5C-B76556461CCC"}], "operator": "OR"}]}], "sourceIdentifier": "openssl-security@openssl.org"}