SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

OpenSSL: 12 security gaps, one allows malicious code execution and is critical

IT researchers have discovered 12 security vulnerabilities in the open-source encryption library OpenSSL, one of which is considered critical. Attackers can use it to inject malicious code, for ...

AISLE Researchers Identify 12 New Security Vulnerabilities in OpenSSL Using AI-Driven Discovery

The vulnerabilities disclosed in this release span multiple components of OpenSSL and affect a wide range of supported ...
Infosecurity Magazine

Autonomous System Uncovers Long-Standing OpenSSL Flaws

The issues were uncovered by AISLE and disclosed through a coordinated process with the OpenSSL project. OpenSSL is one of ...
USA Today

OpenSSL, widely used encryption library, patches high vulnerabilities. What to know.

Websites and companies that rely on OpenSSL should patch their systems as soon as possible. The developer of Open SSL, a widely used open-source encryption library, released Tuesday a patch to fix two ...
Bleeping Computer

OpenSSL fixes two high severity vulnerabilities, what you need to know

The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections. The vulnerabilities ...
InfoQ

OpenSSL Hit by Two High Severity Vulnerabilities, Recently Patched

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...
Bleeping Computer

OpenSSL fixes severe DoS, certificate validation vulnerabilities

Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 lurking in OpenSSL products. OpenSSL is a commonly used software library for ...
Computer Weekly

OpenSSL vulnerabilities ‘not as bad as feared’

The team behind the widely used open source cryptographic library OpenSSL has patched two vulnerabilities in the service that it had previously taken the somewhat unusual step of pre-warning security ...
PC World

OpenSSL warns vendors against using vulnerability info for marketing

Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component. The warning comes from the OpenSSL ...
PC World

New OpenSSL vulnerability puts encrypted communications at risk of spying

A newly discovered vulnerability that allows spying on encrypted SSL/TLS communications has been identified and fixed in the widely used OpenSSL library. The vulnerability, which is being tracked as ...
InfoWorld

OpenSSL patches two vulnerabilities in cryptographic library

The OpenSSL project team has patched two vulnerabilities in the cryptographic library and enhanced the strength of existing cryptography used by OpenSSL versions 1.0.1 and 1.0.2. OpenSSL 1.0.2 users ...