Does CVE-2022-3786 or CVE-2022-3602 affect Azul's products?
No. CVE-2022-3786 and CVE-2022-3602 are High-Severity buffer overflow vulnerabilities in OpenSSL. Neither of these CVEs impact any of Azul's products or their components. Azul Platform Core, Azul Platform Prime, and Azul Vulnerability Detection are not affected.
Where our products are built with OpenSSL, we specifically use OpenSSL 1.x versions which are not impacted by the CVE-2022-3786 and CVE-2022-3602 vulnerabilities.
If you have any follow-up questions or concerns, please feel free to email support at azul.com.