openssl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Improper Authentication

<3.1.1-r2
  • M
Allocation of Resources Without Limits or Throttling

<3.1.1-r0
  • M
Information Exposure

<3.0.8-r0
  • H
Double Free

<3.0.8-r0
  • H
Improper Locking

<3.0.7-r2
  • H
Use After Free

<3.0.8-r0
  • M
Improper Check for Unusual or Exceptional Conditions

<3.1.4-r1
  • L
CVE-2024-6119

<3.3.2-r0
  • M
CVE-2024-0727

<3.1.4-r5
  • M
Out-of-bounds Read

<3.1.0-r4
  • L
CVE-2024-5535

<3.3.1-r1
  • M
Improper Certificate Validation

<3.1.0-r2
  • M
Integer Overflow or Wraparound

<1.1.1j-r0
  • L
CVE-2023-6237

<3.1.4-r4
  • M
Out-of-bounds Read

<3.0.8-r0
  • L
Inadequate Encryption Strength

<1.1.1j-r0
  • H
NULL Pointer Dereference

<3.0.8-r0
  • H
NULL Pointer Dereference

<1.1.1g-r0
  • M
Excessive Iteration

<3.1.2-r0
  • M
Inefficient Regular Expression Complexity

<3.1.1-r3
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1a-r0
  • H
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1b-r1
  • L
CVE-2024-4741

<3.3.0-r3
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<3.0.8-r0
  • M
Use of a Broken or Risky Cryptographic Algorithm

<3.0.3-r0
  • L
CVE-2024-4603

<3.3.0-r2
  • L
CVE-2024-2511

<3.2.1-r2
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3.0.2-r0
  • H
CVE-2023-5363

<3.1.4-r0
  • L
CVE-2024-9143

<3.3.2-r3
  • M
Out-of-bounds Write

<3.1.4-r3
  • M
Use of a Broken or Risky Cryptographic Algorithm

<3.0.5-r0
  • H
NULL Pointer Dereference

<3.0.6-r0
  • H
NULL Pointer Dereference

<3.0.8-r0
  • H
Improper Certificate Validation

<3.1.0-r1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<3.0.1-r0
  • H
Out-of-bounds Read

<1.1.1l-r0
  • M
NULL Pointer Dereference

<1.1.1i-r0
  • H
NULL Pointer Dereference

<3.0.8-r0
  • H
Buffer Overflow

<3.0.7-r0
  • H
Buffer Overflow

<3.0.7-r0
  • M
Use of Insufficiently Random Values

<1.1.1d-r1
  • L
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1d-r1
  • M
Information Exposure

<1.1.1d-r3
  • M
NULL Pointer Dereference

<1.1.1k-r0
  • M
CVE-2019-1547

<1.1.1d-r1
  • H
Integer Overflow or Wraparound

<1.1.1j-r0
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1a-r0
  • M
Improper Certificate Validation

<3.0.3-r0
  • H
Improper Certificate Validation

<1.1.1k-r0
  • C
Buffer Overflow

<1.1.1l-r0
  • H
Incomplete Cleanup

<3.0.3-r0