- What: Multiple vulnerabilities have been identified in OpenSSL.
- Impact: Successful exploitation could lead to remote code execution, denial of service, data manipulation, and sensitive information disclosure.
- Affected: OpenSSL versions 1.0.2, 1.1.1, 3.0, 3.3, 3.4, 3.5 and 3.6.
- Patch: Upgrade to versions 1.0.2zn, 1.1.1ze, 3.0.19, 3.3.6, 3.4.4, 3.5.5 or 3.6.1 respectively.
Multiple vulnerabilities were identified in OpenSSL. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, data manipulation and sensitive information disclosure on the targeted system. Impact Denial of Service Remote Code Execution Information Disclosure Data Manipulation System / Technologies affected OpenSSL version 1.0.2 OpenSSL version 1.1.1 OpenSSL version 3.0 OpenSSL version 3.3 OpenSSL version 3.4 OpenSSL version 3.5 OpenSSL version 3.6 Solutions Before installation of the software, please visit the software manufacturer web-site for more details. For version 1.0.2, upgrade to version 1.0.2zn For version 1.1.1, upgrade to version 1.1.1ze For version 3.0, upgrade to version 3.0.19 For version 3.3, upgrade to version 3.3.6 For version 3.4, upgrade to version 3.4.4 For version 3.5, upgrade to version 3.5.5 For version 3.6, upgrade to version 3.6.1