OpenSSL has released a security update to address a vulnerability in the library that, if exploited, leads to denial-of-service conditions. Google security researcher Tavis Ormandy discovered the certificate parsing vulnerability and reported his findings to the OpenSSL team on February 24, 2022. The vulnerability is tracked as CVE-2022-0778 and affects OpenSSL versions 1.0.2, 1.1.1n and 3.0. The fix is available for non-premium users, but only premium users will be offered a fix through 1.2zd. The most common scenario for exploitation of this flaw would be a malicious client accessing a malicious server that serves up a problematic certificate.

