Day: November 1, 2022

Enterprise Vulnerabilities

5 things to know about the bugs patched in OpenSSL version 3.0.7

The first: This isn’t Heartbleed redux [298 words]. What bugs were fixed: OpenSSL version 3.0.7 fixes two “high” severity vulnerabilities in OpenSSL versions 3.0.0 to 3.0.6. The vulnerabilities are CVE-2022-3786 an X.509 Email Address Variable Length Buffer Overflow and CVE-2022-3602, an X.509 Email Address 4-byte Buffer Overflow. The bugs are tied to a punycode decoding […]

Read More