all InfoSec news
High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
Security Boulevard securityboulevard.com
High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
Version 3.0.7 of the popular OpenSSL cryptographic library is out, with fixes for CVE-2022-3602 and CVE-2022-3786, two high-severity buffer overflow vulnerabilities in the punycode decoder that could lead to crashes (i.e., denial of service) or potentially remote code execution. CVE-2022-3602, whose existence was preannounced by the OpenSSL Project team a week ago, has luckily turned out to be less dangerous than initially thought. So the much feared *Critical* #OpenSSL turns out to be "just" …
cve cve-2022-3602 cve-2022-3786 help net security helpnetsecurity openssl openssl vulnerabilities severity vulnerabilities