Homepage

openssl-universal vulnerabilities

  • licenses detected

    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the openssl-universal package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Buffer Overflow

    >=1.1.1h, <1.1.1200
    • H
    Access of Resource Using Incompatible Type ('Type Confusion')

    <1.1.2000
    • H
    Arbitrary Command Injection

    <1.1.1500
    • H
    Infinite loop

    <1.1.1400
    • H
    Out-of-bounds Read

    <1.1.1200
    • M
    Covert Timing Channel

    <3.3.3000
    • M
    Out-of-bounds Write

    <3.3.3000
    • M
    Use After Free

    <3.2.2
    • M
    Observable Timing Discrepancy

    <3.2.2
    • M
    NULL Pointer Dereference

    >=1.1.1h, <3.1.5000
    • M
    Denial of Service (DoS)

    >=3.1.2000, <3.1.5000
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2300>=3.1.2000, <3.1.3000
    • M
    Denial of Service (DoS)

    <1.1.2200
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2100
    • M
    Denial of Service (DoS)

    <1.1.2100
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2000
    • M
    Timing Attack

    >=1.1.1h, <1.1.2000
    • M
    Use After Free

    >=1.1.1700, <1.1.2000
    • M
    Information Exposure

    <1.1.1700
    • L
    Denial of Service (DoS)

    <1.1.2200
    • L
    Improper Certificate Validation

    <1.1.2100
    • L
    Improper Certificate Validation

    <1.1.2100
    • H
    Missing Release of Resource after Effective Lifetime

    >=1.0.1, <1.0.1.20
    • M
    Information Exposure

    >=1.0.2, <1.0.2.17