On November 1, 2022 the OpenSSL organization disclosed two high-severity vulnerabilities in version 3.0 and above which are patched in OpenSSL 3.0.7. Okta has investigated the usage of the vulnerabilities and will continue to assess the potential impact to our dependencies and third parties. Okta Access Gateway has been found to use the OpenSSL 3.0 codebase since the release of 2022.10.0. Customers that have not yet updated to 2022.10.0 should refrain from updating to 2022.10.0 which cont...
