OpenSSL Patch

On November 1, 2022, Render addressed the OpenSSL patches for vulnerabilities CVE-2022-3602 and CVE-2022-3786, confirming that their services were not affected as these issues impact only OpenSSL 3.0.X versions. The OpenSSL team downgraded the severity of one vulnerability from 'critical' to 'high' due to its limited exploitability, which primarily involves a vulnerable TLS client connecting to a malicious server. Some Linux versions are reportedly not affected by the remote code execution vulnerability. Render emphasized their commitment to proper patching and encouraged others to do the same while offering a platform that ensures a cost-effective and robust cloud infrastructure, allowing developers to focus on building and deploying applications efficiently. For further details on the vulnerabilities, Render referred readers to an article by BleepingComputer.