OpenSSL Vulnerability
Incident Report for Procore Technologies
Procore is aware of the recently disclosed vulnerabilities affecting OpenSSL versions 3.0.0 to 3.0.6. Further details are available within OpenSSL's advisory for CVE-2022-3786 and CVE-2022-3602.

Procore has seen no indication that these vulnerabilities have impacted the Procore platform's security. Procore is monitoring this issue, and will patch any identified vulnerable instances of OpenSSL.

We'll post updates here as additional information becomes available.
Posted Nov 01, 2022 - 12:36 PDT