Homepage

openssl-universal vulnerabilities

  • licenses detected

    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the openssl-universal package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Buffer Overflow

    >=1.1.1h, <1.1.1200
    • H
    Access of Resource Using Incompatible Type ('Type Confusion')

    <1.1.2000
    • H
    Arbitrary Command Injection

    <1.1.1500
    • H
    Infinite loop

    <1.1.1400
    • H
    Out-of-bounds Read

    <1.1.1200
    • M
    Covert Timing Channel

    <3.3.3000
    • M
    Out-of-bounds Write

    <3.3.3000
    • M
    Use After Free

    <3.2.2
    • M
    Observable Timing Discrepancy

    <3.2.2
    • M
    NULL Pointer Dereference

    >=1.1.1h, <3.1.5000
    • M
    Denial of Service (DoS)

    >=3.1.2000, <3.1.5000
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2300>=3.1.2000, <3.1.3000
    • M
    Denial of Service (DoS)

    <1.1.2200
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2100
    • M
    Denial of Service (DoS)

    <1.1.2100
    • M
    Denial of Service (DoS)

    >=1.1.1h, <1.1.2000
    • M
    Timing Attack

    >=1.1.1h, <1.1.2000
    • M
    Use After Free

    >=1.1.1700, <1.1.2000
    • M
    Information Exposure

    <1.1.1700
    • L
    Denial of Service (DoS)

    <1.1.2200
    • L
    Improper Certificate Validation

    <1.1.2100
    • L
    Improper Certificate Validation

    <1.1.2100
    • H
    Missing Release of Resource after Effective Lifetime

    >=1.0.1, <1.0.1.20
    • M
    Information Exposure

    >=1.0.2, <1.0.2.17