XnView Software

Various discussion boards for XnView and related products
https://newsgroup.xnview.com/

XNView MP 1.6.4 - Vulnerability in OpenSSL 1.1.1 - CVE-2021-3711

https://newsgroup.xnview.com/viewtopic.php?t=46849

Page 1 of 1

XNView MP 1.6.4 - Vulnerability in OpenSSL 1.1.1 - CVE-2021-3711

Posted: Thu Feb 15, 2024 12:49 pm
by z8mail
Hello,

The library “The OpenSSL Toolkit” used by XNView MP 1.6.4 has a critical vulnerability (rating 9.8):
Vulnerability in OpenSSL 1.1.1 up to 1.1.1k (CVE-2021-3711)
CVE-2021-3711
https://cve.mitre.org/cgi-bin/cvename.c ... -2021-3711

The vulnerability is in the file used:
C:\Program Files\XnViewMP\libssl-1_1-x64.dll

Please provide an update.

Kind regards,

z8mail

Re: XNView MP 1.6.4 - Vulnerability in OpenSSL 1.1.1 - CVE-2021-3711

Posted: Sat Feb 24, 2024 2:19 pm
by xnview
:bugconfirmed: Thanks to your detailed description I can reproduce the problem.

Re: XNView MP 1.6.4 - Vulnerability in OpenSSL 1.1.1 - CVE-2021-3711

Posted: Thu Mar 28, 2024 12:51 pm
by xnview
This problem is supposed to be fixed in XnView MP 1.7.0. Please check and confirm the bug fix here.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited