• be vigilant! OpenSSL multiple high-risk vulnerability warning

    Vulnerability Description Recently, CICA security cert monitoring found that OpenSSL has multiple high-risk vulnerabilities with vulnerability numbers of cve-2022-1292 and cve-2022-1473 respectively Cve-2022-1292 is an OpenSSL Code Execution Vulnerability. The vulnerability originates from C_The rehash script does not properly clean up shell metacharacters to prevent command injection. The script is distributed by some operators and executed automatically by the system. In a vulnerable operating system, an attacker can use this vulnerability to execute arbitrary commands with the privileges of a script Cve-2022-1473 is an OpenSSL denial of service vulnerability. The…

    May 17, 2022