OpenSSL Releases Security Updates

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America's Cyber Defense Agency

OpenSSL has released security updates addressing a vulnerability (CVE-2022-0778) affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition.

CISA encourages users and administrators to review the OpenSSL Advisory and upgrade to the appropriate version.

This product is provided subject to this Notification and this Privacy & Use policy.

OpenSSL Releases Security Updates

Please share your thoughts

CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps

CISA Releases Two Industrial Control Systems Advisories

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

CISA Adds Four Known Exploited Vulnerabilities to Catalog

OpenSSL Releases Security Updates

Please share your thoughts

Related Advisories

CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps

CISA Releases Two Industrial Control Systems Advisories

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

CISA Adds Four Known Exploited Vulnerabilities to Catalog