openSSL punycode Vulnerability
Is dSPACE software affected by the openSSL punycode vulnerabilities?
We are getting requests from our customers who are concerned about the so-called openSSL punycode vulnerabilities.
The security vulnerabilities are related to openSSL library, a C-based open-source library for encryption of data in multiple environments.
Based on our software dependency analysis, following dSPACE products contain openSSL versions with the below listed vulnerabilities
- SIMPHERA
An update of the library which fixes these vulnerabilities will be available in SIMPHERA 22.9.
| CVE Dictionary Entry | Description and assessment |
|---|---|
|
This buffer overflow vulnerability could lead to crash in the affected products causing a denial of service or potentially remote code execution. Affected openSSL versions are 3.0.0-3.0.6. |
|
|
This buffer overflow vulnerability could lead to crash in the affected products causing a denial of service. Affected openSSL versions are 3.0.0-3.0.6. |
| Date | 2022-11-07 |
| 资料信息 | 通知 |
| 信息类别 | Product Security, 故障排除 |
| dSPACE 版本发布 | 2022-A, 2021-B, 2021-A, 2020-B, 2020-A, 2019-B, 2019-A, 2018-B, 2018-A, 2017-B , 2017-A, 2016-B, 2016-A, 2015-B, 2015-A, 2014-B, 2014-A, 2013-B, 2013-A, 2013-A之前版本 |