OpenSSL Software Foundation

A high-severity security flaw in the software library of OpenSSL was currently resolved in a security patch.

The bug if exploited could have led to a denial-of-service (DoS) condition when parsing certificates.

It could also be weaponized when TLS clients (or servers) access a rogue certificate from a malicious server (or client), or when certificate authorities parse certification requests from subscribers and could result to a denial-of-service attack.

Source: https://thehackernews.com/2022/03/new-infinite-loop-bug-in-openssl-could.html

"id": "OPE214316322",
"linkid": "openssl-software-foundation",
"type": "Vulnerability",
"date": "03/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"