Company
Date Published
Author: Grafana Labs Team
Word count: 367
Language: English
Hacker News points: None

Summary

OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602 have been assessed as high-impact, prompting Grafana Labs to evaluate how they affect its projects and products. The majority of Grafana Labs' core software, written in Go, is unaffected because it relies on Go's built-in TLS implementation, which is independent of OpenSSL. Grafana Cloud is also secure, as it depends on non-impacted or patched SSL/TLS implementations provided by cloud providers. However, some containerized releases may include vulnerable OpenSSL versions, although they are not confirmed to be susceptible to remote code execution. Grafana Labs is preparing updates to patch these dependencies as upstream patches become available. Security vulnerabilities can be reported to Grafana Labs via a dedicated email address, and the company publishes security announcements and updates through its blog and RSS feed.