(November 1 2022 Critical High vulnerabilities) tracking
This is the GitHub for the companion spreadsheet for fast tracking of information about the November OpenSSL 3 vulnerability.
Any strong public signals of products or organizations being affected (or unaffected) are in scope.
Is this undue diligence? Perhaps. But even if this vulnerability is not widely exploitable, I'd "rather have and not need it than need it and not have it". Also, this work is now forward-ready for future vulnerabilities! 😛
Because GitHub limits the width of some data, it may be easiest to view the spreadsheet.
You can also install the Stylus and Widescreen for GitHub Chrome extensions for more real estate.
This information is part of an occasional series, The Story So Far. The recent entry about log4j was the only non-institutional resource included in CISA's official log4j guidance.