Vulnerability Bulletins

OpenSSL Security Advisories - November 2022

System information

Affected software AmazonWS


Initial Publication Date: 2022/11/01 09:00 PDT AWS is aware of the recently reported issues regarding OpenSSL 3.0 (CVE-2022-3602 and CVE-2022-3786). AWS services are not affected, and no customer action is required. Additionally, Amazon Linux 1 and Amazon Linux 2 do not ship with OpenSSL 3.0 and are not affected by these issues. Customers utilizing Amazon Linux 2022, Bottlerocket OS or ECS-optimized Amazon Machine Images (AMIs) on Amazon ECS should read the instructions below. As a security

More info:

Standar resources

Property Value
CVE CVE-2022-3602 and CVE-2022-3786.

Version history

Version Comments Date
1.0 Advisory issued 2022-11-12
Ministerio de Defensa