pull down to refresh

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attackswww.securityweek.com/high-severity-openssl-vulnerability-found-by-apple-allows-mitm-attacks/
592 sats \ 1 comment \ @ch0k1 15 Feb security
The OpenSSL Project on Tuesday announced patches for the first high-severity vulnerability seen in the secure communications library in two years.
The vulnerability, tracked as CVE-2024-12797, was reported to OpenSSL developers by Apple in mid-December 2024.
The issue is related to clients using RFC7250 raw public keys (RPKs) to authenticate a server. CVE-2024-12797 was introduced in OpenSSL 3.2 with the implementation of RPK support.
write
preview
related posts
20 sats \ 0 replies \ @TheMorningStar 16 Feb
OpenSSL is lazy to react! It's already two months.
reply