Skip to content Skip to sidebar Skip to footer

OpenSSL fixes severe DoS, certificate validation vulnerabilities

The OpenSSL project has issued an advisory for two high-severity vulnerabilities in OpenSSL products. The vulnerabilities include a Denial of Service (DoS) flaw due to NULL pointer dereferencing which only impacts OpenSSL server instances, not the clients. The vulnerability was discovered by engineers Peter K..stle and Samuel Sapalski of Nokia, who also offered the fix shown above. Neither vulnerabilities impact OpenSSL 1.1.1k and users are advised to upgrade to this version to protect their instances.


Sign Up to Our Newsletter

Be the first to know the latest updates