TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
{
"unresolved_ranges": [
{
"extracted_events": [
{
"fixed": "21.1.2"
}
],
"source": "CPE_RANGE",
"vendor_product": "oracle:blockchain_platform",
"cpes": [
"cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
]
},
{
"extracted_events": [
{
"last_affected": "7.3.30"
},
{
"introduced": "7.4.0"
},
{
"last_affected": "7.4.29"
},
{
"introduced": "7.5.0"
},
{
"last_affected": "7.5.19"
},
{
"introduced": "7.6.0"
},
{
"last_affected": "7.6.15"
},
{
"introduced": "8.0.0"
},
{
"last_affected": "8.0.21"
}
],
"source": "CPE_RANGE",
"vendor_product": "oracle:mysql_cluster",
"cpes": [
"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*"
]
},
{
"cpes": [
"cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"vendor_product": "oracle:banking_extensibility_workbench",
"extracted_events": [
{
"introduced": "14.3.0"
},
{
"last_affected": "14.3.0"
},
{
"introduced": "14.4.0"
},
{
"last_affected": "14.4.0"
}
]
}
]
}{
"source": "CPE_STRING",
"cpe": [
"cpe:2.3:a:oracle:graalvm:19.3.2:*:*:*:enterprise:*:*:*",
"cpe:2.3:a:oracle:graalvm:20.1.0:*:*:*:enterprise:*:*:*"
],
"extracted_events": [
{
"introduced": "19.3.2"
},
{
"last_affected": "19.3.2"
},
{
"introduced": "20.1.0"
},
{
"last_affected": "20.1.0"
}
]
}