Tag
x509
Safeguard articles tagged "x509" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Management
Inside the OpenSSL punycode bug: why CVE-2022-3602 wasn't Heartbleed
OpenSSL pre-announced a 'critical' flaw in October 2022. It shipped as HIGH severity. Here's the buffer overflow, the downgrade, and the safe patch path.
Jul 12, 20265 min read
Vulnerability Analysis
OpenSSL Punycode Overflow (CVE-2022-3602) Explained
CVE-2022-3602 was pre-announced as OpenSSL's next critical bug, then downgraded to high. Here is what the X.509 punycode buffer overflow actually does, why the panic cooled, and how to patch.
Jul 7, 20266 min read