OpenSSL Announces Update for Critical Vulnerability
OpenSSL will release a patch on November 1 to close a critical vulnerability. As this is a critical vulnerability, no further details have been disclosed by the organization.
OpenSSL is one of the most widely used open source cryptography libraries, making a critical vulnerability very dangerous. It is more common for a vulnerability to be found in OpenSSL, but it is not often that it is of the highest risk level. OpenSSL writes that the update will be available on Tuesday afternoon.
The vulnerability is in version 3.0 of OpenSSL and should be fixed with the release of 3.0.7. In its security policy writes OpenSSL that information about critical vulnerabilities is not shared. Vulnerabilities like this make it possible, for example, to invade and take over servers or decrypt intercepted communications.