openssl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-4603	<3.1.5-r0
L CVE-2024-2511	<3.1.4-r6
M CVE-2024-0727	<3.1.4-r5
L CVE-2023-6237	<3.1.4-r4
M Out-of-bounds Write	<3.1.4-r3
M Improper Check for Unusual or Exceptional Conditions	<3.1.4-r1
H CVE-2023-5363	<3.1.4-r0
M Excessive Iteration	<3.1.2-r0
M Inefficient Regular Expression Complexity	<3.1.1-r3
M Improper Authentication	<3.1.1-r2
M Allocation of Resources Without Limits or Throttling	<3.1.1-r0
M Out-of-bounds Read	<3.1.0-r4
M Improper Certificate Validation	<3.1.0-r2
H Improper Certificate Validation	<3.1.0-r1
H NULL Pointer Dereference	<3.0.8-r0
H NULL Pointer Dereference	<3.0.8-r0
M Out-of-bounds Read	<3.0.8-r0
H NULL Pointer Dereference	<3.0.8-r0
H Double Free	<3.0.8-r0
M Information Exposure	<3.0.8-r0
H Access of Resource Using Incompatible Type ('Type Confusion')	<3.0.8-r0
H Use After Free	<3.0.8-r0
H Improper Locking	<3.0.7-r2
H Buffer Overflow	<3.0.7-r0
H Buffer Overflow	<3.0.7-r0
H NULL Pointer Dereference	<3.0.6-r0
M Use of a Broken or Risky Cryptographic Algorithm	<3.0.5-r0
M Use of a Broken or Risky Cryptographic Algorithm	<3.0.3-r0
M Improper Certificate Validation	<3.0.3-r0
H Incomplete Cleanup	<3.0.3-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<3.0.1-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<3.0.2-r0
H Out-of-bounds Read	<1.1.1l-r0
C Buffer Overflow	<1.1.1l-r0
H Improper Certificate Validation	<1.1.1k-r0
M NULL Pointer Dereference	<1.1.1k-r0
L Inadequate Encryption Strength	<1.1.1j-r0
H Integer Overflow or Wraparound	<1.1.1j-r0
M Integer Overflow or Wraparound	<1.1.1j-r0
M NULL Pointer Dereference	<1.1.1i-r0
H NULL Pointer Dereference	<1.1.1g-r0
M Information Exposure	<1.1.1d-r3
L Use of a Broken or Risky Cryptographic Algorithm	<1.1.1d-r1
M Use of Insufficiently Random Values	<1.1.1d-r1
M CVE-2019-1547	<1.1.1d-r1
H Use of a Broken or Risky Cryptographic Algorithm	<1.1.1b-r1
M Use of a Broken or Risky Cryptographic Algorithm	<1.1.1a-r0
M Use of a Broken or Risky Cryptographic Algorithm	<1.1.1a-r0