You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
We have become aware that HeidiSQL v12.6 contains the following OpenSSL v3.1.3 DLLs (in their default install location) which are vulnerable to a number of existing CVEs (1 Moderate severity and 4 Low severity) c:\program files\heidisql\libcrypto-3-x64.dll c:\program files\heidisql\libssl-3-x64.dll
N.B. These issues have been resolved in the latest OpenSSL release v3.1.5 (Released January 30th 2024)
Preconditions
Describe the bug
We have become aware that HeidiSQL v12.6 contains the following OpenSSL v3.1.3 DLLs (in their default install location) which are vulnerable to a number of existing CVEs (1 Moderate severity and 4 Low severity)
c:\program files\heidisql\libcrypto-3-x64.dll c:\program files\heidisql\libssl-3-x64.dll
N.B. These issues have been resolved in the latest OpenSSL release v3.1.5 (Released January 30th 2024)
This is similar to #1841
List of vulnerabilities fixed in OpenSSL v3.1.x : https://www.openssl.org/news/vulnerabilities-3.1.html
OpenSSL downloads available from here: https://www.openssl.org/source/
To Reproduce
n/a
Screenshots or Crash reports
n/a
Thanks in advance for your consideration
The text was updated successfully, but these errors were encountered: