You are here

Home › OpenSSL Vulnerabilities Fixed in Version 1.1.1p

OpenSSL Vulnerabilities Fixed in Version 1.1.1p

Submitted on 28. June 2022 - 11:01 by rischi.
Last update on 30. June 2022 - 12:42.
IDs: 
CVE-2022-2068
Keywords: 
c_rehash, openssl
Description: 

OpenSSL released version 1.1.1p fixing one vulnerabilitiy [1].

Supported Airlock WAF versions use OpenSSL 1.1.1 to handle SSL/TLS connections.

No action required for Airlock WAF

Details:

  • CVE-2022-2068 Command injection vulnerability for the c_rehash shell command. Airlock Gateway is not affected since it does not use OpenSSL command line tools with untrusted/unsafe arguments.
Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock
Reference: 
[1] https://www.openssl.org/news/secadv/20220621.txt
© Ergon Informatik AG