SSB-2022-001 - OpenSSL Security Advisories - November 2022

CVSS score v3.1
Base 7.5
Temporal 7.0
Environmental 0.0

Description

Scalingo is aware of the recently reported issues regarding OpenSSL 3.0 (CVE-2022-3602 and CVE-2022-3786).

Scalingo services are not affected, and no customer action is required.

As a security best practice, we encourage customers who manage environments containing OpenSSL 3.0 to update to the latest version, available at https://www.openssl.org/source/ or via their operating system’s software update mechanism.

Scalingo PaaS

Scalingo Platform-As-A-Service base stacks do not ship with OpenSSL 3.0 and are not affected by these issues.

Scalingo DBaaS addons

Scalingo Database-As-A-Service base stacks do not ship with OpenSSL 3.0 and are not affected by these issues.

Other Scalingo addons and services

Other Scalingo Platform addons and features do not ship with OpenSSL 3.0 and are not affected by these issues.

Changelog

2022-11-09 : Initial version

Suggest edits

SSB-2022-001 - OpenSSL Security Advisories - November 2022

Security - Bulletins

©2024 Scalingo

GTC GTU DPA SLA HDS