openssl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-2511	<3.1.4-r6
M CVE-2024-0727	<3.1.4-r5
L CVE-2023-6237	<3.1.4-r4
M Out-of-bounds Write	<3.1.4-r3
M Inefficient Regular Expression Complexity	<3.1.1-r3
M Improper Authentication	<3.1.1-r2
M Out-of-bounds Read	<3.0.8-r0
H Use After Free	<3.0.8-r0
M Allocation of Resources Without Limits or Throttling	<3.1.1-r0
M Improper Check for Unusual or Exceptional Conditions	<3.1.4-r1
H NULL Pointer Dereference	<3.0.6-r0
M NULL Pointer Dereference	<1.1.1i-r0
H Buffer Overflow	<3.0.7-r0
H Improper Certificate Validation	<1.1.1k-r0
H NULL Pointer Dereference	<1.1.1g-r0
M Out-of-bounds Read	<3.1.0-r4
M Use of a Broken or Risky Cryptographic Algorithm	<1.1.1a-r0
M Improper Certificate Validation	<3.1.0-r2
H Use of a Broken or Risky Cryptographic Algorithm	<1.1.1b-r1
M Integer Overflow or Wraparound	<1.1.1j-r0
H Access of Resource Using Incompatible Type ('Type Confusion')	<3.0.8-r0
H Double Free	<3.0.8-r0
L Inadequate Encryption Strength	<1.1.1j-r0
H NULL Pointer Dereference	<3.0.8-r0
H NULL Pointer Dereference	<3.0.8-r0
M Use of a Broken or Risky Cryptographic Algorithm	<1.1.1a-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<3.0.2-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<3.0.1-r0
M Use of a Broken or Risky Cryptographic Algorithm	<3.0.5-r0
M Excessive Iteration	<3.1.2-r0
C Buffer Overflow	<1.1.1l-r0
M Information Exposure	<1.1.1d-r3
H Integer Overflow or Wraparound	<1.1.1j-r0
H CVE-2023-5363	<3.1.4-r0
H Improper Locking	<3.0.7-r2
H Buffer Overflow	<3.0.7-r0
H NULL Pointer Dereference	<3.0.8-r0
M Use of a Broken or Risky Cryptographic Algorithm	<3.0.3-r0
H Improper Certificate Validation	<3.1.0-r1
M Information Exposure	<3.0.8-r0
M Improper Certificate Validation	<3.0.3-r0
H Incomplete Cleanup	<3.0.3-r0
M NULL Pointer Dereference	<1.1.1k-r0
H Out-of-bounds Read	<1.1.1l-r0
L Use of a Broken or Risky Cryptographic Algorithm	<1.1.1d-r1
M CVE-2019-1547	<1.1.1d-r1
M Use of Insufficiently Random Values	<1.1.1d-r1