[MS:CVE-2021-3711] OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow

Severity Critical

Affected Packages 6

Fixed Packages 6

CVEs 1

OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow

Package	Affected Version
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.1
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.0
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.9%20%28includes%2016.0%20-%2016.8%29
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.7%20%28includes%2016.0%20%E2%80%93%2016.6%29
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.11%20%28includes%2016.0%20-%2016.10%29
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202017%20version%2015.9%20%28includes%2015.0%20-%2015.8%29

Package	Fixed Version
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.1	= 17.1.1
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.0	= 17.0.7
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.9%20%28includes%2016.0%20-%2016.8%29	= 16.9.13
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.7%20%28includes%2016.0%20%E2%80%93%2016.6%29	= 16.7.21
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.11%20%28includes%2016.0%20-%2016.10%29	= 16.11.6
pkg:generic/microsoft/Microsoft%20Visual%20Studio%202017%20version%2015.9%20%28includes%2015.0%20-%2015.8%29	= 15.9.41

ID

MS:CVE-2021-3711

Severity

critical

Impact

Remote Code Execution

URL

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-3711

Published

2021-11-09T08:00:00
(2 years ago)

Modified

2022-03-08T08:00:00
(2 years ago)

Rights

The Microsoft Security Response Center (MSRC) Team

Other Advisories

Source	Name	URL
Vendor Fix	Release Notes - Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)	http://aka.ms/vs/15/release/latest
Vendor Fix	Release Notes - Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)	https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.7
Vendor Fix	Release Notes - Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)	https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.9
Vendor Fix	Release Notes - Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)	https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.11
Vendor Fix	Release Notes - Microsoft Visual Studio 2022 version 17.1	https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.1
Vendor Fix	Release Notes - Microsoft Visual Studio 2022 version 17.0	https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.0

Type	Package URL	Namespace	Name / Product	Version
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.1	microsoft	Microsoft Visual Studio 2022 version 17.1
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.1	microsoft	Microsoft Visual Studio 2022 version 17.1	= 17.1.1
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.0	microsoft	Microsoft Visual Studio 2022 version 17.0
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202022%20version%2017.0	microsoft	Microsoft Visual Studio 2022 version 17.0	= 17.0.7
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.9%20%28includes%2016.0%20-%2016.8%29	microsoft	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.9%20%28includes%2016.0%20-%2016.8%29	microsoft	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)	= 16.9.13
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.7%20%28includes%2016.0%20%E2%80%93%2016.6%29	microsoft	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 â 16.6)
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.7%20%28includes%2016.0%20%E2%80%93%2016.6%29	microsoft	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 â 16.6)	= 16.7.21
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.11%20%28includes%2016.0%20-%2016.10%29	microsoft	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202019%20version%2016.11%20%28includes%2016.0%20-%2016.10%29	microsoft	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)	= 16.11.6
Affected	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202017%20version%2015.9%20%28includes%2015.0%20-%2015.8%29	microsoft	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Fixed	pkg:generic/microsoft/Microsoft%20Visual%20Studio%202017%20version%2015.9%20%28includes%2015.0%20-%2015.8%29	microsoft	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)	= 15.9.41

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date