OpenSSL have published a security advisory. Here's how it affects BoringSSL:
| CVE | Summary | Severity in OpenSSL | Impact to BoringSSL |
|---|---|---|---|
| CVE-2024-0727 | Unbounded memory growth with session handling in TLSv1.3 | Low | Not affected; the session cache code in BoringSSL was rewritten. |