CVE-2021-3449

Source
https://cve.org/CVERecord?id=CVE-2021-3449
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3449.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-3449
Aliases
Downstream
Related
Published
2021-03-25T15:15:13.450Z
Modified
2026-07-11T18:15:11.707481Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension (where it was present in the initial ClientHello), but includes a signaturealgorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Database specific
{
    "unresolved_ranges": [
        {
            "source": "CPE_RANGE",
            "vendor_product": "nodejs:node.js",
            "cpes": [
                "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "10.0.0"
                },
                {
                    "last_affected": "10.12.0"
                },
                {
                    "introduced": "10.13.0"
                },
                {
                    "last_affected": "10.24.0"
                },
                {
                    "introduced": "12.0.0"
                },
                {
                    "last_affected": "12.12.0"
                },
                {
                    "introduced": "12.13.0"
                },
                {
                    "fixed": "12.22.1"
                },
                {
                    "introduced": "14.0.0"
                },
                {
                    "last_affected": "14.14.0"
                },
                {
                    "introduced": "14.15.0"
                },
                {
                    "fixed": "14.16.1"
                },
                {
                    "introduced": "15.0.0"
                },
                {
                    "fixed": "15.14.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "oracle:jd_edwards_enterpriseone_tools",
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "9.2.6.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "oracle:mysql_connectors",
            "cpes": [
                "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.0.23"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "oracle:mysql_workbench",
            "cpes": [
                "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.0.23"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "oracle:primavera_unifier",
            "cpes": [
                "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "17.7"
                },
                {
                    "last_affected": "17.12"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "oracle:secure_backup",
            "cpes": [
                "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "18.1.0.1.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:ruggedcom_rcm1224_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "6.2"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_m-800_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "6.2"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_s602_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "4.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_s612_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "4.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_s615_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "6.2"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_s623_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "4.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_s627-2m_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "4.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_sc-600_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_w1700_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_w700_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "6.5"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xb-200_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "4.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xc-200_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "4.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xf-200ba_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "4.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xm-400_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.4"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xp-200_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "4.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xr-300wg_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "4.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xr524-8c_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.4"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xr526-8c_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.4"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xr528-6m_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.4"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:scalance_xr552-12_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.4"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_cloud_connect_7_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_cp_1242-7_gprs_v2_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_logon",
            "cpes": [
                "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.6.0.2"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp1243-7_lte_eu_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp1243-7_lte_us_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1243-1_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1243-8_irc_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1542sp-1_irc_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1543-1_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.2"
                },
                {
                    "fixed": "3.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1543sp-1_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_net_cp_1545-1_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.0"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_pdm_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "9.1.0.7"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:simatic_process_historian_opc_ua_server_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2019"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:sinec_infrastructure_network_services",
            "cpes": [
                "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "1.0.1.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "siemens:tim_1531_irc_firmware",
            "cpes": [
                "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "2.0"
                },
                {
                    "fixed": "2.2"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "sonicwall:sma100_firmware",
            "cpes": [
                "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "10.2.0.0"
                },
                {
                    "fixed": "10.2.1.0-17sv"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "tenable:log_correlation_engine",
            "cpes": [
                "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "6.0.9"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "tenable:nessus",
            "cpes": [
                "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.13.1"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "vendor_product": "tenable:tenable.sc",
            "cpes": [
                "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "5.13.0"
                },
                {
                    "last_affected": "5.17.0"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "checkpoint:multi-domain_management_firmware",
            "cpes": [
                "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*",
                "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "r80.40"
                },
                {
                    "last_affected": "r80.40"
                },
                {
                    "introduced": "r81"
                },
                {
                    "last_affected": "r81"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "checkpoint:quantum_security_gateway_firmware",
            "cpes": [
                "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
                "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "r80.40"
                },
                {
                    "last_affected": "r80.40"
                },
                {
                    "introduced": "r81"
                },
                {
                    "last_affected": "r81"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "checkpoint:quantum_security_management_firmware",
            "cpes": [
                "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*",
                "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "r80.40"
                },
                {
                    "last_affected": "r80.40"
                },
                {
                    "introduced": "r81"
                },
                {
                    "last_affected": "r81"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "debian:debian_linux",
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "9.0"
                },
                {
                    "last_affected": "9.0"
                },
                {
                    "introduced": "10.0"
                },
                {
                    "last_affected": "10.0"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "fedoraproject:fedora",
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "34"
                },
                {
                    "last_affected": "34"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "freebsd:freebsd",
            "cpes": [
                "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
                "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
                "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "12.2-NA"
                },
                {
                    "last_affected": "12.2-NA"
                },
                {
                    "introduced": "12.2-p1"
                },
                {
                    "last_affected": "12.2-p1"
                },
                {
                    "introduced": "12.2-p2"
                },
                {
                    "last_affected": "12.2-p2"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "mcafee:web_gateway",
            "cpes": [
                "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*",
                "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "8.2.19"
                },
                {
                    "last_affected": "8.2.19"
                },
                {
                    "introduced": "9.2.10"
                },
                {
                    "last_affected": "9.2.10"
                },
                {
                    "introduced": "10.1.1"
                },
                {
                    "last_affected": "10.1.1"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "mcafee:web_gateway_cloud_service",
            "cpes": [
                "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*",
                "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "8.2.19"
                },
                {
                    "last_affected": "8.2.19"
                },
                {
                    "introduced": "9.2.10"
                },
                {
                    "last_affected": "9.2.10"
                },
                {
                    "introduced": "10.1.1"
                },
                {
                    "last_affected": "10.1.1"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:communications_communications_policy_management",
            "cpes": [
                "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "12.6.0.0.0"
                },
                {
                    "last_affected": "12.6.0.0.0"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:enterprise_manager_for_storage_management",
            "cpes": [
                "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "13.4.0.0"
                },
                {
                    "last_affected": "13.4.0.0"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:essbase",
            "cpes": [
                "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "21.2"
                },
                {
                    "last_affected": "21.2"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:jd_edwards_world_security",
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "a9.4"
                },
                {
                    "last_affected": "a9.4"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:peoplesoft_enterprise_peopletools",
            "cpes": [
                "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "8.57"
                },
                {
                    "last_affected": "8.57"
                },
                {
                    "introduced": "8.58"
                },
                {
                    "last_affected": "8.58"
                },
                {
                    "introduced": "8.59"
                },
                {
                    "last_affected": "8.59"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:primavera_unifier",
            "cpes": [
                "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "19.12"
                },
                {
                    "last_affected": "19.12"
                },
                {
                    "introduced": "20.12"
                },
                {
                    "last_affected": "20.12"
                },
                {
                    "introduced": "21.12"
                },
                {
                    "last_affected": "21.12"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:secure_global_desktop",
            "cpes": [
                "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "5.6"
                },
                {
                    "last_affected": "5.6"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "oracle:zfs_storage_appliance_kit",
            "cpes": [
                "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "8.8"
                },
                {
                    "last_affected": "8.8"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "siemens:simatic_logon",
            "cpes": [
                "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.5-sp3_update_1"
                },
                {
                    "last_affected": "1.5-sp3_update_1"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "siemens:sinec_nms",
            "cpes": [
                "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.0-NA"
                },
                {
                    "last_affected": "1.0-NA"
                },
                {
                    "introduced": "1.0-sp1"
                },
                {
                    "last_affected": "1.0-sp1"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "siemens:sinema_server",
            "cpes": [
                "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*",
                "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*",
                "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*",
                "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "14.0-NA"
                },
                {
                    "last_affected": "14.0-NA"
                },
                {
                    "introduced": "14.0-sp1"
                },
                {
                    "last_affected": "14.0-sp1"
                },
                {
                    "introduced": "14.0-sp2"
                },
                {
                    "last_affected": "14.0-sp2"
                },
                {
                    "introduced": "14.0-sp2_update1"
                },
                {
                    "last_affected": "14.0-sp2_update1"
                },
                {
                    "introduced": "14.0-sp2_update2"
                },
                {
                    "last_affected": "14.0-sp2_update2"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "sonicwall:capture_client",
            "cpes": [
                "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "3.5"
                },
                {
                    "last_affected": "3.5"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "sonicwall:sonicos",
            "cpes": [
                "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.0.1.0"
                },
                {
                    "last_affected": "7.0.1.0"
                }
            ]
        },
        {
            "source": "CPE_STRING",
            "vendor_product": "tenable:nessus_network_monitor",
            "cpes": [
                "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "5.11.0"
                },
                {
                    "last_affected": "5.11.0"
                },
                {
                    "introduced": "5.11.1"
                },
                {
                    "last_affected": "5.11.1"
                },
                {
                    "introduced": "5.12.0"
                },
                {
                    "last_affected": "5.12.0"
                },
                {
                    "introduced": "5.12.1"
                },
                {
                    "last_affected": "5.12.1"
                },
                {
                    "introduced": "5.13.0"
                },
                {
                    "last_affected": "5.13.0"
                }
            ]
        }
    ]
}
References

Affected packages

Git
github.com/graalvm/graalvm-ce-builds

Affected ranges

Type
GIT
Repo
https://github.com/graalvm/graalvm-ce-builds
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*",
        "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*",
        "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "19.3.5"
        },
        {
            "last_affected": "19.3.5"
        },
        {
            "introduced": "20.3.1.2"
        },
        {
            "last_affected": "20.3.1.2"
        },
        {
            "introduced": "21.0.0.2"
        },
        {
            "last_affected": "21.0.0.2"
        }
    ]
}

Affected versions

19.*
19.3.5
20.*
20.3.1.2
21.*
21.0.0.2
vm-19.*
vm-19.3.5
vm-20.*
vm-20.3.1
vm-21.*
vm-21.0.0
vm-21.0.0.2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3449.json"
github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
Last affected
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.7.33"
        },
        {
            "introduced": "8.0.15"
        },
        {
            "last_affected": "8.0.23"
        }
    ]
}

Affected versions

mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.7.31
mysql-5.7.32
mysql-5.7.33
mysql-8.*
mysql-8.0.23
mysql-cluster-8.*
mysql-cluster-8.0.23

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3449.json"
github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.1.1"
        },
        {
            "fixed": "1.1.1k"
        }
    ]
}

Database specific

vanir_signatures
[
    {
        "id": "CVE-2021-3449-c377fa22",
        "digest": {
            "line_hashes": [
                "28170854778703993674264004058177114599",
                "73132526844288570625317440636111911761",
                "177405411499435185068645597737938634778",
                "224809958623850711330610094965797758930",
                "295554444428855106393106961197201359586"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "include/openssl/opensslv.h"
        },
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e04bd3433fd84e1861bf258ea37928d9845e6a86",
        "deprecated": false,
        "signature_type": "Line"
    }
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3449.json"
vanir_signatures_modified
"2026-07-11T18:15:11Z"