2026-03-31 01:56:14
GitHub_M
PUBLISHED
vcpkg is a free and open-source C/C++ package manager. Prior to version 3.6.1#3, vcpkgs Windows builds of OpenSSL set openssldir to a path on the build machine, making that path be attackable later on customer machines. This issue has been patched in version 3.6.1#3.