OpenSSL developers have released security updates to address multiple security vulnerabilities (CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473) in OpenSSL. An attacker could exploit some of these vulnerabilities to trigger arbitrary code execution, security restrictions bypass, information disclosure and cause a denial-of-service condition on the targeted system. The issues affect OpenSSL versions 1.0.2, 1.1.1 and 3.0. OpenSSL developers have fixed the issues with the release of versions 1.0.2ze (for premium support customers), 1.1.1o and 3.0.3.

More information on vulnerabilities and updates is available in the OpenSSL security advisory - openssl.org.