Les guides produit sont disponibles dans la bêta du nouveau docs.box.com, repensé et assisté par l’IA. Découvrez tous les détails sur les changements.

Box Status

OpenSSL Vulnerabilities still in Latest Versions of Box Drive

Terminée
S’abonner
New post
Jack Paschke

The latest version of Box Drive for Windows (2.41.226) still contains outdated OpenSSL binaries (libcrypto-3 3.0.11 and libssl-3 3.0.11) which are vulnerable to several CVEs including CVE-2024-4741 (CVSS 8.1). Please patch these binaries as they are currently greatly elevating our enterprise vulnerability score across several security platforms.

1

Commentaires

2 commentaires

Date Votes
  • Rona

    Hi Jack, 

    Welcome to Box Community! 

    To help address your issue, I created a new ticket and a member from Box Product Support will be in touch, please keep an eye out. 

    Thanks for posting!

    0
    Actions pour les commentaires Permalien
  • Jaturong Wongpiriyapaisan

    Hi Rona

    I use Box Drive 2.43.205 but why Openssl is still 3.0.11.0, how can I update it?

    0
    Actions pour les commentaires Permalien

Vous devez vous connecter pour laisser un commentaire.