all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Security Advisory for OpenSSL Vulnerabilities CVE-2022-3602 & CVE-2022-3786

Add to bookmarks
Nov. 1, 2022, 8:08 p.m. | Jithin Nair

Security Boulevard securityboulevard.com

Background


On 01-Nov-2022, OpenSSL published an advisory about two high-severity security flaws - CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) and CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”). These vulnerabilities affect OpenSSL version 3.0.0 and later and have been addressed in OpenSSL 3.0.7.


What is the issue?


The following vulnerability details were published in the OpenSSL security advisory earlier today:


CVE-2022-3786


A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. This occurs after …

advisory cve cve-2022-3602 cve-2022-3786 openssl openssl vulnerabilities security security advisory vulnerabilities

Visit resource

More from securityboulevard.com / Security Boulevard

Dropbox Hacked: eSignature Service Breached 9 hours ago | securityboulevard.com
application security appsec breached cloud security +39
USENIX Security ’23 – “My Privacy for their Security”: Employees’ Privacy Perspectives and Expectations when … 11 hours ago | securityboulevard.com
access authors conference employees +17
Key Areas Where Open-Source Security Needs to Evolve 12 hours ago | securityboulevard.com
cybersecurity cybersecurity experts effect experts +10
News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform 13 hours ago | securityboulevard.com
alert browser browser security capital +26
Strata Identity Names Granville Schmidt Chief Architect 13 hours ago | securityboulevard.com
advancements appointed april architect +22
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 13 hours ago | securityboulevard.com
adoption browser browser security companies +14
Survalyzer SPF and DKIM configuration: Step By Step Guideline 13 hours ago | securityboulevard.com
article blog configuration dkim +6
Vtiger SPF & DKIM Setup: Step By Step Guideline 14 hours ago | securityboulevard.com
amp blog businesses cloud +11
Spamhero SPF and DKIM configuration: Step By Step Guideline 14 hours ago | securityboulevard.com
article blog configuration dkim +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs