It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.
It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.
The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.
The vulnerability, reported by Robert Święcki of the Google Security Team on
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.
OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well
OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic.
OpenSSL is an open-source cryptographic library that is the most widely being used by a significant portion of the Internet services; to cryptographically protect their sensitive Web
A new deadly security vulnerability has been discovered in OpenSSL that affects more than 11 Million modern websites and e-mail services protected by an ancient, long deprecated transport layer security protocol, Secure Sockets Layer (SSLv2).
Dubbed DROWN, the highly critical security hole in OpenSSL was disclosed today as a low-cost attack that could decrypt your sensitive, secure HTTPS
The OpenSSL Foundation has released the promised patch for a high severity vulnerability in its cryptographic code library that let attackers obtain the key to decrypt HTTPS-based communications and other Transport layer security (TLS) channels.
OpenSSL is an open-source library that is the most widely used in applications for secure data transfers. Most websites use it to enable Secure
The OpenSSL project team today patched two vulnerabilities in the crypto library, one of which is rated high severity.
A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
The anticipated high severity patch in OpenSSL is for a denial-of-service vulnerability in the recently released version 1.0.2 that can crash a client or server with a malformed certificate.