The much-anticipated OpenSSL 3.0.7 release, which fixes some high-risk
security problems, is available. The release
notes list two vulnerabilities (CVE-2022-3786 and CVE-2022-3602) that
have not yet been documented on the OpenSSL
vulnerabilities page. LWN commenter mat2 has provided the relevant information, though. It
is worth updating quickly, but many sites do not appear to be at immediate
risk.

Source: LWN.net – OpenSSL 3.0.7 released