Skip to main content
Best Answer

OpenSSL 3.0 Vulnerabilities

S

I’m looking for information on whether your organization is aware of the OpenSSL 3.0 vulnerabilities disclosed earlier this month, summarized in CVE-2022-3602 and CVE-2022-3786.  If so, have you investigated whether any of your internal systems are vulnerable and have you mitigated those vulnerabilities if they exist?

Thank you!

Best answer by John

@sgaucher - please see below for a recent response from our InfoSec and Product teams, in re: to the vulnerabilities you’ve mentioned:

OpenSSL Security Advisory (CVE-2022-3786 and CVE-2022-3602)

Docebo is not affected by the reported vulnerabilities in our product since the affected versions of the software are not used in any part of the product infrastructure.

View original
Did this post help you find an answer to your question?

3 replies

John
Docebian
Forum|alt.badge.img+2
  • John
  • Docebian
  • 125 replies
  • Answer
  • November 14, 2022

@sgaucher - please see below for a recent response from our InfoSec and Product teams, in re: to the vulnerabilities you’ve mentioned:

OpenSSL Security Advisory (CVE-2022-3786 and CVE-2022-3602)

Docebo is not affected by the reported vulnerabilities in our product since the affected versions of the software are not used in any part of the product infrastructure.

Bfarkas
1 person likes this
  • Bfarkas
    Bfarkas
S
  • sgaucher
  • Author
  • Newcomer
  • 1 reply
  • November 14, 2022

Awesome, thanks John!

John
Bfarkas
2 people like this
  • John
    John
  • Bfarkas
    Bfarkas
John
Docebian
Forum|alt.badge.img+2
  • John
  • Docebian
  • 125 replies
  • November 14, 2022

You are most welcome! 

Reply


Most helpful members this week

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings