Forum Discussion
neeeewbie
MVP
MVPIs f5 vulnerable to cve-2022-2274 / 2022-2097?
Hi
we got new CVE
Is f5 vulnerable to cve-2022-2274 / 2022-2097?
thank you
neeeewbieMVP
MVPthanks for your kind attention
I saw this document
but Development of versions prior to 1.1.0 is discontinued
our device using 1.0.2. so I curious
is 1.0.2 version safe from this vulnerable?
Hi neeeewbie,
OpenSSL Security Advisory [5 July 2022]
=======================================
Heap memory corruption with RSA private key operation (CVE-2022-2274)
=====================================================================
...
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
...
AES OCB fails to encrypt some bytes (CVE-2022-2097)
===================================================
...
This issue affects versions 1.1.1 and 3.0. It was addressed in the
releases of 1.1.1q and 3.0.5 on the 5th July 2022.
...- neeeewbie
thank you!
I saw this news.
this openssl vesion safe from 2274
do you know f5 safe from 2097?