CVE-2022-0778
Description
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
8.298
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL (x64) 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Duo Security Authentication Proxy (5.6.1) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 12 (x64) (12.22.11) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 12 (12.22.11) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 14 (x64) (14.19.1) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 14 (14.19.1) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 16 (x64) (16.14.2) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 16 (16.14.2) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 17 (x64) (17.7.2) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Node.js 17 (17.7.2) | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.6.6 | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.2.42 | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.7.2 | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.3.33 | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.4.23 | Windows |
| Multiple vulnerabilities fixed in MariaDB MariaDB 10.5.14 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Nessus Agent 8.3.3 | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712 are fixed in Duo Security Authentication Proxy (5.6.1) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Duo Security Authentication Proxy (5.6.0) | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712,CVE-2020-14422,CVE-2021-29921 are fixed in Duo Security Authentication Proxy (5.6.1) | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712 are fixed in Duo Security Authentication Proxy (5.6.0) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Duo Security Authentication Proxy (5.5.1) | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL (64-bit) 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL (MSI)(x64) 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL (MSI)(x86) 3.0.2 | Windows |
| Multiple vulnerabilities are affected in Mysql 8.0.28 | Windows |
| Multiple vulnerabilities are affected in Mysql 5.7.37 | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712,CVE-2020-14422,CVE-2021-29921 are fixed in Duo Security Authentication Proxy (5.6.0) | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712 are fixed in Duo Security Authentication Proxy (5.5.1) | Windows |
| Vulnerabilities CVE-2020-1971,CVE-2022-0778 are fixed in Duo Security Authentication Proxy (5.5.0) | Windows |
| Vulnerabilities CVE-2022-0778 are affected in MySQL Workbench Enterprise Edition 8.0.28 | Windows |
| Vulnerabilities CVE-2022-0778 are affected in MySQL Workbench CE (x64) 8.0.28 | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-23852 are affected in Ivanti Secure Access Client 9.1R14 | Windows |
| Vulnerabilities CVE-2022-0778,CVE-2022-21712,CVE-2020-14422,CVE-2021-29921 are fixed in Duo Security Authentication Proxy (5.5.1) | Windows |
| Vulnerabilities CVE-2020-1971,CVE-2022-0778,CVE-2022-21712 are fixed in Duo Security Authentication Proxy (5.5.0) | Windows |
| Vulnerabilities CVE-2020-1971,CVE-2022-0778 are fixed in Duo Security Authentication Proxy (5.4.1) | Windows |
| Multiple vulnerabilities are fixed in Nessus 6.0.1 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Nessus 8.15.4 | Windows |
| Multiple vulnerabilities are fixed in Tenable Nessus 6.0.1 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in Tenable Nessus 8.15.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1.7 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.2.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 12.0.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 20.0.0.2 | Windows |
| Multiple vulnerabilities are affected in Oracle GraalVM Enterprise Edition 20.3.5 | Windows |
| Multiple vulnerabilities are affected in Oracle GraalVM Enterprise Edition 21.3.1 | Windows |
| Multiple vulnerabilities are affected in Oracle GraalVM Enterprise Edition 22.0.0.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 18.0.0.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 19.0.0.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Business Automation Workflow 21.0.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.0 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 11.0.0.17 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 12.0.4.0 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL Light 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL Light (x64) 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL Library 3.0.2 | Windows |
| Vulnerabilities CVE-2022-0778 are fixed in OpenSSL Library x86 3.0.2 | Windows |
| Multiple vulnerabilities are fixed in Mac OS - Monterey 12.4 (Software Update) - AutoReboot | Mac |
| Multiple vulnerabilities are fixed in MacOS Big Sur 11.6.6 - Software Update | Mac |
| openssl security update(DSA-5103-1) openssl_1.1.1d-0+deb10u8_i386.deb | Linux |
| openssl security update(DSA-5103-1) openssl_1.1.1d-0+deb10u8_amd64.deb | Linux |
| openssl security update(DSA-5103-1) openssl_1.1.1k-1+deb11u2_amd64.deb | Linux |
| (RHSA-2022:1065) openssl security update openssl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-debugsource-1.1.1k-6.el8_5.i686.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-debugsource-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-devel-1.1.1k-6.el8_5.i686.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-devel-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-libs-1.1.1k-6.el8_5.i686.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-libs-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| (RHSA-2022:1065) openssl security update openssl-perl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-devel-1.0.2k-25.el7_9.i686.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-devel-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-libs-1.0.2k-25.el7_9.i686.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-libs-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-perl-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-static-1.0.2k-25.el7_9.i686.rpm | Linux |
| (RHSA-2022:1066) openssl security update openssl-static-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Openssl update (ELSA-2022-9224) openssl-1.0.2k-24.0.3.el7_9.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2022-9224) openssl-devel-1.0.2k-24.0.3.el7_9.i686.rpm | Linux |
| Openssl-devel update (ELSA-2022-9224) openssl-devel-1.0.2k-24.0.3.el7_9.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2022-9224) openssl-libs-1.0.2k-24.0.3.el7_9.i686.rpm | Linux |
| Openssl-libs update (ELSA-2022-9224) openssl-libs-1.0.2k-24.0.3.el7_9.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2022-9224) openssl-perl-1.0.2k-24.0.3.el7_9.x86_64.rpm | Linux |
| Openssl-static update (ELSA-2022-9224) openssl-static-1.0.2k-24.0.3.el7_9.i686.rpm | Linux |
| Openssl-static update (ELSA-2022-9224) openssl-static-1.0.2k-24.0.3.el7_9.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl-1_0_0-devel-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-32bit-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-debuginfo-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-hmac-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) libopenssl1_0_0-hmac-32bit-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) openssl-1_0_0-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) openssl-1_0_0-debuginfo-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) openssl-1_0_0-debugsource-1.0.2p-3.48.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0857-1(SUSE Linux Enterprise Server 12-SP5 ) openssl-1_0_0-doc-1.0.2p-3.48.1.noarch.rpm | Linux |
| Openssl update (ELSA-2022-1065) openssl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2022-1065) openssl-devel-1.1.1k-6.el8_5.i686.rpm | Linux |
| Openssl-devel update (ELSA-2022-1065) openssl-devel-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2022-1065) openssl-libs-1.1.1k-6.el8_5.i686.rpm | Linux |
| Openssl-libs update (ELSA-2022-1065) openssl-libs-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2022-1065) openssl-perl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| Openssl update (ELSA-2022-1066) openssl-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Openssl-devel update (ELSA-2022-1066) openssl-devel-1.0.2k-25.el7_9.i686.rpm | Linux |
| Openssl-devel update (ELSA-2022-1066) openssl-devel-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Openssl-libs update (ELSA-2022-1066) openssl-libs-1.0.2k-25.el7_9.i686.rpm | Linux |
| Openssl-libs update (ELSA-2022-1066) openssl-libs-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Openssl-perl update (ELSA-2022-1066) openssl-perl-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Openssl-static update (ELSA-2022-1066) openssl-static-1.0.2k-25.el7_9.i686.rpm | Linux |
| Openssl-static update (ELSA-2022-1066) openssl-static-1.0.2k-25.el7_9.x86_64.rpm | Linux |
| Compat-openssl10 update (ELSA-2022-5326) compat-openssl10-1.0.2o-4.el8_6.i686.rpm | Linux |
| Compat-openssl10 update (ELSA-2022-5326) compat-openssl10-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| (RHSA-2022:5326) compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_6.i686.rpm | Linux |
| (RHSA-2022:5326) compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| (RHSA-2022:5326) compat-openssl10 security update compat-openssl10-debugsource-1.0.2o-4.el8_6.i686.rpm | Linux |
| (RHSA-2022:5326) compat-openssl10 security update compat-openssl10-debugsource-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-libs-1.1.1k-6.el8_5.i686.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-libs-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-perl-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-devel-1.1.1k-6.el8_5.i686.rpm | Linux |
| openssl security update (RLSA-2022:1065) openssl-devel-1.1.1k-6.el8_5.x86_64.rpm | Linux |
| Compat-openssl11 update (ELSA-2022-4899) compat-openssl11-1.1.1k-4.0.1.el9_0.i686.rpm | Linux |
| Compat-openssl11 update (ELSA-2022-4899) compat-openssl11-1.1.1k-4.0.1.el9_0.x86_64.rpm | Linux |
| (RHSA-2022:4899) compat-openssl11 security and bug fix update compat-openssl11-1.1.1k-4.el9_0.i686.rpm | Linux |
| (RHSA-2022:4899) compat-openssl11 security and bug fix update compat-openssl11-1.1.1k-4.el9_0.x86_64.rpm | Linux |
| (RHSA-2022:4899) compat-openssl11 security and bug fix update compat-openssl11-debugsource-1.1.1k-4.el9_0.i686.rpm | Linux |
| (RHSA-2022:4899) compat-openssl11 security and bug fix update compat-openssl11-debugsource-1.1.1k-4.el9_0.x86_64.rpm | Linux |
| compat-openssl11 security and bug fix update (RLSA-2022:4899) compat-openssl11-1.1.1k-4.el9_0.i686.rpm | Linux |
| compat-openssl11 security and bug fix update (RLSA-2022:4899) compat-openssl11-1.1.1k-4.el9_0.x86_64.rpm | Linux |
| compat-openssl10 security update (RLSA-2022:5326) compat-openssl10-1.0.2o-4.el8_6.i686.rpm | Linux |
| compat-openssl10 security update (RLSA-2022:5326) compat-openssl10-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6457-1) nodejs_12.22.9~dfsg-1ubuntu3.1_amd64.deb | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6457-1) libnode72_12.22.9~dfsg-1ubuntu3.1_amd64.deb | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6457-1) nodejs-doc_12.22.9~dfsg-1ubuntu3.1_all.deb | Linux |
| An open-source, cross-platform JavaScript runtime environment. (USN-6457-1) libnode-dev_12.22.9~dfsg-1ubuntu3.1_amd64.deb | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64.rpm | Linux |
| (RHSA-2022:5326)Low: security update compat-openssl10-debuginfo-1.0.2o-4.el8_6.i686.rpm | Linux |
| (RHSA-2022:5326)Low: security update compat-openssl10-debuginfo-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| Low: compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_6.i686.rpm | Linux |
| Low: compat-openssl10 security update compat-openssl10-1.0.2o-4.el8_6.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-backup-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-common-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-connect-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-cracklib-password-check-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-devel-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-errmsg-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-gssapi-server-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-oqgraph-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-pam-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-rocksdb-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-server-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-server-utils-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-sphinx-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-test-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability (CVE-2022-0778) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-355449 | OpenSSL (3.6.1) |
| PATCH-331885 | Duo Security Authentication Proxy (6.0.2) |
| PATCH-324371 | Node.js 12 (x64) (12.22.12) |
| PATCH-324370 | Node.js 12 (12.22.12) |
| PATCH-329083 | Node.js 14 (x64) (14.21.3) |
| PATCH-329082 | Node.js 14 (14.21.3) |
| PATCH-331257 | Node.js 16 (x64) (16.20.1) |
| PATCH-331256 | Node.js 16 (16.20.1) |
| PATCH-325141 | Node.js 17 (x64) (17.9.1) |
| PATCH-325140 | Node.js 17 (17.9.1) |
| PATCH-337447 | Nessus Agent (10.6.1) |
| PATCH-338054 | Duo Security Authentication Proxy (6.4.0) |
| PATCH-338054 | Duo Security Authentication Proxy (6.4.0) |
| PATCH-338227 | Duo Security Authentication Proxy (6.4.1) |
| PATCH-338227 | Duo Security Authentication Proxy (6.4.1) |
| PATCH-338227 | Duo Security Authentication Proxy (6.4.1) |
| PATCH-342393 | Duo Security Authentication Proxy (6.4.2) |
| PATCH-342393 | Duo Security Authentication Proxy (6.4.2) |
| PATCH-342393 | Duo Security Authentication Proxy (6.4.2) |
| PATCH-347137 | MySQL Workbench CE (x64) (8.0.42) |
| PATCH-347413 | Duo Security Authentication Proxy (6.5.0) |
| PATCH-347413 | Duo Security Authentication Proxy (6.5.0) |
| PATCH-347413 | Duo Security Authentication Proxy (6.5.0) |
| PATCH-608134 | Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877) |
| PATCH-605753 | MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064) |
| PATCH-355451 | OpenSSL Light (3.6.1) |
| PATCH-355452 | OpenSSL Light (x64) (3.6.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234