The OpenSSL team has announced two high-severity vulnerabilities, CVE-2022-3602 and CVE-2022-3786, both buffer overruns in X.509 certificate verification. They can be triggered by a client connecting to a rogue server, or by a malicious client connecting to a server that requests client authentication (so that the server verifies the client's certificate). OpenSSL 3.0 releases before 3.0.7 are affected, and users are advised to upgrade to 3.0.7 immediately. The vulnerabilities pose a risk of Denial of Service and Remote Code Execution, and organizations should disable TLS client authentication until the upgrade has been applied. Snyk is helping by flagging these vulnerabilities in Snyk Open Source projects and by providing guidance on how to address them through the Snyk CLI and Snyk Container.
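A small inventory check, added here as an example (not code from OpenSSL or Snyk), that classifies OpenSSL version banners against the range this advisory covers, 3.0.x builds older than 3.0.7, and applies it both to the OpenSSL that the running Python interpreter is linked against and to the system `openssl` binary. The sample banners in the test are constructed; a LibreSSL or 1.1.1 banner is reported as not affected because the advisory concerns OpenSSL 3.0 only.

```python
import re
import ssl
import subprocess
from typing import Optional, Tuple

# First release that carries the fix for CVE-2022-3602 / CVE-2022-3786.
FIXED_VERSION = (3, 0, 7)

# Matches the "OpenSSL X.Y.Z" prefix of an `openssl version` banner or ssl.OPENSSL_VERSION.
_VERSION_RE = re.compile(r"\bOpenSSL\s+(\d+)\.(\d+)\.(\d+)")


def parse_openssl_version(banner: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from a banner such as 'OpenSSL 3.0.5 5 Jul 2022'.

    Returns None for banners that are not OpenSSL at all (e.g. LibreSSL), which
    this advisory does not cover.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(banner: str) -> bool:
    """True when the banner describes an OpenSSL 3.0.x build older than 3.0.7."""
    v = parse_openssl_version(banner)
    if v is None:
        return False
    return v[:2] == (3, 0) and v < FIXED_VERSION


def check_running_python() -> Tuple[str, bool]:
    """Classify the OpenSSL that this interpreter's ssl module was built against."""
    return ssl.OPENSSL_VERSION, is_affected(ssl.OPENSSL_VERSION)


def check_system_openssl(binary: str = "openssl") -> Tuple[str, bool]:
    """Classify the OpenSSL command-line binary on PATH (empty banner if absent)."""
    try:
        proc = subprocess.run([binary, "version"], capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return "", False
    banner = proc.stdout.strip()
    return banner, is_affected(banner)


if __name__ == "__main__":
    for label, (banner, hit) in (("python ssl module", check_running_python()),
                                 ("system openssl", check_system_openssl())):
        print(f"{label}: {banner or '(not found)'} -> {'AFFECTED, upgrade to 3.0.7' if hit else 'not affected'}")
```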