Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

OpenSSL Vulnerabilities still in Latest Versions of Box Drive

Completed
Follow
New post
Jack Paschke

The latest version of Box Drive for Windows (2.41.226) still contains outdated OpenSSL binaries (libcrypto-3 3.0.11 and libssl-3 3.0.11) which are vulnerable to several CVEs including CVE-2024-4741 (CVSS 8.1). Please patch these binaries as they are currently greatly elevating our enterprise vulnerability score across several security platforms.

1

Comments

1 comment

Date Votes
  • Rona

    Hi Jack, 

    Welcome to Box Community! 

    To help address your issue, I created a new ticket and a member from Box Product Support will be in touch, please keep an eye out. 

    Thanks for posting!

    0
    Comment actions Permalink

Please sign in to leave a comment.