The host is installed with openssl 1.0.2 through 1.0.2l or 1.1.0 through 1.1.0f and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle IPAddressFamily extension in an X.509 certificate. Successful exploitation could allow attackers to modify data that is being sent from one endpoint to another.