OpenSSL Hit by Two High Severity Vulnerabilities, Recently Patched

November 3, 2022

Via: InfoQ

Introduced in OpenSSL 3.0 in September 2021 and affecting all successive versions up to and including OpenSSL 3.0.6, the two recently patched vulnerabilities are caused by buffer overruns in X.509 certificate verification.

CVE-2022-3786 and CVE-2022-3602 both describe buffer overflow issues in X.509 email address verification. The former opens the possibility of a denial-of-service attack, the latter of a remote code execution attack.
