An infinite loop in OpenSSL certificate parsing causes denial of service. It is exploitable via TLS client certificates and via code signing in the supply chain. Update OpenSSL to 1.1.1n/3.0.2. Prioritize internet-facing TLS endpoints that accept client-side certificates.
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
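To triage hosts against the fixed releases named above, the following added example (not part of the original advisory) classifies `openssl version` banners. The function names and sample banners are constructed for illustration; branches other than 1.1.1 and 3.x are reported as unknown because this page names no fixed release for them.

```python
import re

# Fixed releases named on this page: 1.1.1n and 3.0.2.
FIXED_111_LETTER = "n"
FIXED_30_PATCH = 2

_BANNER = re.compile(r"\bOpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_banner(banner):
    """Return (major, minor, patch, letters) from `openssl version` output, or None."""
    m = _BANNER.search(banner)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)


def _letter_rank(letters):
    # 1.x letter suffixes sort '' < 'a' < ... < 'z' < 'za', so compare length first.
    return (len(letters), letters)


def assess(banner):
    """Classify a version banner as 'fixed', 'vulnerable' or 'unknown'."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"  # not an OpenSSL banner (for example, a fork)
    major, minor, patch, letters = parsed
    if (major, minor, patch) == (1, 1, 1):
        fixed = _letter_rank(letters) >= _letter_rank(FIXED_111_LETTER)
        return "fixed" if fixed else "vulnerable"
    if major == 3:
        return "fixed" if (minor, patch) >= (0, FIXED_30_PATCH) else "vulnerable"
    return "unknown"  # branch for which this page names no fixed release


# Constructed sample banners in the format printed by `openssl version`.
SAMPLES = [
    "OpenSSL 1.1.1k  25 Mar 2021",
    "OpenSSL 1.1.1n  15 Mar 2022",
    "OpenSSL 3.0.1 14 Dec 2021",
    "OpenSSL 3.0.2 15 Mar 2022",
    "OpenSSL 1.0.2u  20 Dec 2019",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{assess(sample):10}  {sample}")
```

Distribution packages often backport fixes without changing the upstream version string, so confirm a "vulnerable" result against the vendor's package advisory before acting on it.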