June 28, 2022
Categorized: Critical Severity
Share this post:
OpenSSL is vulnerable to a command injection due to improper user validation in the c_rehash script as described in the vulnerability details section. IBM i has addressed the vulnerability in OpenSSL with a fix as described in the remediation/fixes section.
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6599331
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/225619