OpenSSL Patches Remote Code Execution Vulnerability


A memory corruption vulnerability that leaves servers open to remote code execution assaults has been alerted to by OpenSSL in an urgent advisory.

The vulnerability, identified as CVE-2022-2274, was added in OpenSSL 3.0.4 and may allow hostile hackers to perform remote code attacks on SSL/TLS server-side equipment that is not patched. This is a “high-severity” problem according to the open source community, and they advise users to update to OpenSSL 3.0.5. Read More…