1. Resources
  2. /
  3. Changelog
  4. /
  5. Buildkite and OpenSSL (CVE-2022-3786, CVE-2022-3602)

Buildkite and OpenSSL (CVE-2022-3786, CVE-2022-3602)

Last week a serious vulnerability (CVE-2022-3786, CVE-2022-3602), was disclosed in the OpenSSL library. We’ve ensured that Buildkite internal systems, and our open source projects, are not vulnerable to this exploit.

We've performed an audit on our internal software and infrastructure, and we have no instances of OpenSSL 3.0.x in use directly or via dependencies, and therefore are not vulnerable to this exploit.

Additionally we've reviewed our open source projects (including the Buildkite Agent and the Elastic CI Stack for AWS) and have verified they also don't have any use of OpenSSL 3.0.x and are not vulnerable to (CVE-2022-3786, CVE-2022-3602).

If you have any further questions please contact support@buildkite.com.

James

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at scale
  4. Monorepo delivery

Support

  1. System status
  2. Forum