openssl is vulnerable to information disclosure. The vulenerability exists through the ability to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite, if an implementation re-uses a DH secret across multiple TLS connections.
lists.debian.org/debian-lts-announce/2020/09/msg00016.html
security.gentoo.org/glsa/202210-02
security.netapp.com/advisory/ntap-20200911-0004/
usn.ubuntu.com/4504-1/
www.openssl.org/news/secadv/20200909.txt
www.oracle.com//security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuApr2021.html
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpuoct2021.html