Start a conversation

Advisory on CVE-2022-0778: OpenSSL Denial of Service vulnerability

Advisory Release Date

Mar 21, 2022


On March 15, 2022, the OpenSSL Project announced a Denial-of-Service vulnerability that affects all versions of OpenSSL.  More information on this vulnerability can be found here:

All LightWave & SOAPam products released prior to March 15, 2022, use vulnerable versions of OpenSSL. The vulnerability affects TLS connections when Elliptical Curve (ECC) certificates are in use. By default, LightWave & SOAPam products use RSA certificates which are not affected, but it is possible to install an ECC certificate from an external provider.


As of March 21, the default GA downloads for the latest LIghtWave & SOAPam product releases have been upgraded to the latest OpenSSL release 1.1.1n. Note that the update is only for the latest product releases If you would like a hotfix prepared another supported release, please open a support case.

Choose files or drag and drop files
Was this article helpful?