Home › OpenSSL Vulnerability Fixed in Version 1.0.2o
OpenSSL Vulnerability Fixed in Version 1.0.2o
Submitted on 22. March 2018 - 10:44 by rischi. Last update on 27. March 2018 - 18:07.
Keywords:
OpenSSL, ASN.1
Description:
OpenSSL released a security advisory on March 27, 2018, describing three vulnerabilities fixed in the newest releases [1].
Airlock WAF is not affected
Details:
CVE-2018-0739: Vulnerability related to ASN.1 types with recursive definitions. Airlock WAF is not affected because no such structures are used within SSL/TLS that come from untrusted sources.
CVE-2018-0733: This vulnerability only affects OpenSSL version 1.1.0 which is not used by Airlock WAF.
CVE-2017-3738: This vulnerability is already fixed in OpenSSL version 1.0.2n and not relevant for Airlock WAF. Details see [2].