openssl098e vulnerabilities

Known vulnerabilities in the openssl098e package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Arbitrary Command Injection	*
M Arbitrary Command Injection	*
M Out-of-bounds Read	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Resource Exhaustion	*
L Integer Overflow or Wraparound	*
M Missing Release of Resource after Effective Lifetime	*
L Out-of-bounds Read	*
M Covert Timing Channel	*
M Improper Input Validation	*
M Unchecked Error Condition	*
L Improper Input Validation	*
M Integer Overflow or Wraparound	*
H Out-of-bounds Write	*
L Out-of-Bounds	*
L Out-of-bounds Write	*
M Integer Overflow or Wraparound	*
H Cryptographic Issues	<0:0.9.8e-29.el7_2.3
H Cryptographic Issues	<0:0.9.8e-29.el7_2.3
L CVE-2015-3194	*
M Memory Leak	*
M Out-of-Bounds	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M CVE-2015-1790	*
M Out-of-bounds Read	*
L Race Condition	*
H Reachable Assertion	<0:0.9.8e-29.el7_2.3
M Integer Overflow or Wraparound	*
L Out-of-bounds Write	*
H Information Exposure	<0:0.9.8e-29.el7_2.3
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
H Information Exposure	<0:0.9.8e-29.el7_2.3
L Cryptographic Issues	*
M Use of a Broken or Risky Cryptographic Algorithm	*
L Cryptographic Issues	*
M CVE-2014-3571	*
H Not Failing Securely ('Failing Open')	*
M NULL Pointer Dereference	*
M Missing Authorization	*
M Information Exposure	*
M Operation on a Resource after Expiration or Release	*
H Improper Enforcement of Behavioral Workflow	<0:0.9.8e-29.el7_0.2
M Resource Exhaustion	*
L Covert Timing Channel	*
M Uncontrolled Recursion	*
M Information Exposure	*
L Covert Timing Channel	*
M Missing Required Cryptographic Step	*
L Out-of-bounds Read	*
M NULL Pointer Dereference	*
L Covert Timing Channel	*
M Missing Required Cryptographic Step	*
M Information Exposure	*

Vulnerability

Vulnerable Version

Arbitrary Command Injection