openssl-perl vulnerabilities

Known vulnerabilities in the openssl-perl package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Access of Resource Using Incompatible Type ('Type Confusion')	*
L Information Exposure	*
L Use After Free	*
L CVE-2024-4603	*
L Resource Exhaustion	*
L NULL Pointer Dereference	*
L Reversible One-Way Hash	*
L Missing Required Cryptographic Step	*
L Excessive Iteration	*
L Resource Exhaustion	*
M Resource Exhaustion	*
L Improper Certificate Validation	*
L Improper Certificate Validation	*
L Resource Exhaustion	*
M Use After Free	*
L NULL Pointer Dereference	*
M Arbitrary Command Injection	*
M Arbitrary Command Injection	*
M Out-of-bounds Read	*
H Improper Handling of Length Parameter Inconsistency	<0:1.0.1e-16.el6_5.7
H NULL Pointer Dereference	<0:1.0.1e-16.el6_5.4
H Cryptographic Issues	<0:1.0.1e-16.el6_5.4
H Cryptographic Issues	<0:1.0.1e-16.el6_5.4
M Use of a Broken or Risky Cryptographic Algorithm	*
M Integer Overflow or Wraparound	<0:1.0.1e-48.el6_8.4
M Resource Exhaustion	<0:1.0.1e-48.el6_8.4
M Cryptographic Issues	<0:1.0.0-27.el6_4.2
M Cryptographic Issues	<0:1.0.0-27.el6_4.2
M Cryptographic Issues	<0:1.0.0-27.el6_4.2
H Integer Overflow or Wraparound	<0:1.0.1e-48.el6_8.3
H Out-of-bounds Read	<0:1.0.1e-48.el6_8.3
H Missing Release of Resource after Effective Lifetime	<0:1.0.1e-48.el6_8.3
H Resource Exhaustion	<0:1.0.1e-48.el6_8.3
H Out-of-bounds Read	<0:1.0.1e-48.el6_8.3
H Covert Timing Channel	<0:1.0.1e-48.el6_8.3
H Improper Input Validation	<0:1.0.1e-48.el6_8.3
H Unchecked Error Condition	<0:1.0.1e-48.el6_8.3
H Integer Overflow or Wraparound	<0:1.0.1e-48.el6_8.3
H Improper Input Validation	<0:1.0.1e-48.el6_8.1
H Integer Overflow or Wraparound	<0:1.0.1e-48.el6_8.1
H Out-of-bounds Write	<0:1.0.1e-48.el6_8.1
H Out-of-Bounds	<0:1.0.1e-48.el6_8.1
H Out-of-bounds Write	<0:1.0.1e-48.el6_8.1
H Integer Overflow or Wraparound	<0:1.0.1e-48.el6_8.1
H Cryptographic Issues	<0:1.0.1e-48.el6_8.1
H Information Exposure	<0:1.0.1e-42.el6_7.4
H Cryptographic Issues	<0:1.0.1e-42.el6_7.4
H CVE-2016-0797	<0:1.0.1e-42.el6_7.4
H CVE-2016-0705	<0:1.0.1e-42.el6_7.4
H Cryptographic Issues	<0:1.0.1e-42.el6_7.4
M Improper Data Handling	<0:1.0.1e-42.el6_7.2
M Integer Overflow or Wraparound	<0:1.0.0-20.el6_2.5
M Race Condition	<0:1.0.1e-42.el6_7.1
M CVE-2015-3194	<0:1.0.1e-42.el6_7.1
M Memory Leak	<0:1.0.1e-42.el6_7.1
H Incorrect Conversion between Numeric Types	<0:1.0.0-20.el6_2.4
M Cryptographic Issues	<0:1.0.0-20.el6_2.3
M NULL Pointer Dereference	<0:1.0.0-20.el6_2.3
M Resource Management Errors	<0:1.0.0-20.el6_2.1
M Resource Management Errors	<0:1.0.0-20.el6_2.1
M Cryptographic Issues	<0:1.0.0-20.el6_2.1
M Cryptographic Issues	<0:1.0.0-20.el6_2.1
M Access Restriction Bypass	<0:1.0.0-10.el6_1.5
M Improper Input Validation	*
M Out-of-Bounds	<0:1.0.1e-30.el6_6.11
M Numeric Errors	<0:1.0.1e-30.el6_6.11
M Use of a Broken or Risky Cryptographic Algorithm	<0:1.0.1e-30.el6_6.9
M Resource Management Errors	<0:1.0.0-10.el6
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.0.1e-30.el6_6.11
M CVE-2015-1790	<0:1.0.1e-30.el6_6.11
M Use of a Broken or Risky Cryptographic Algorithm	*
M Out-of-bounds Read	<0:1.0.1e-30.el6_6.11
M Race Condition	<0:1.0.1e-30.el6_6.11
M Reachable Assertion	<0:1.0.1e-30.el6_6.7
M Integer Overflow or Wraparound	<0:1.0.1e-30.el6_6.7
M Out-of-bounds Write	<0:1.0.1e-30.el6_6.7
M Untrusted Pointer Dereference	<0:1.0.1e-30.el6_6.7
M Information Exposure	<0:1.0.1e-30.el6_6.7
M Use After Free	<0:1.0.1e-30.el6_6.7
M NULL Pointer Dereference	<0:1.0.1e-30.el6_6.7
M NULL Pointer Dereference	<0:1.0.1e-30.el6_6.7
M Information Exposure	<0:1.0.1e-30.el6_6.7
M Cryptographic Issues	<0:1.0.1e-30.el6_6.5
M Cryptographic Issues	<0:1.0.1e-30.el6_6.5
M Use of a Broken or Risky Cryptographic Algorithm	<0:1.0.1e-30.el6_6.5
M Cryptographic Issues	<0:1.0.1e-30.el6_6.5
M Cryptographic Issues	<0:1.0.1e-30.el6_6.5
M CVE-2014-3571	<0:1.0.1e-30.el6_6.5
M Memory Leak	<0:1.0.1e-30.el6_6.5
H Improper Synchronization	<0:1.0.0-4.el6_0.1
M NULL Pointer Dereference	<0:1.0.1e-16.el6_5.15
H Memory Leak	<0:1.0.1e-30.el6_6.2
H Memory Leak	<0:1.0.1e-30.el6_6.2
M CVE-2010-4180	<0:1.0.0-4.el6_0.2
M Missing Authorization	<0:1.0.1e-16.el6_5.15
M Memory Leak	<0:1.0.1e-16.el6_5.15
M Race Condition	<0:1.0.1e-16.el6_5.15
M Detection of Error Condition Without Action	<0:1.0.1e-16.el6_5.15
M Information Exposure	<0:1.0.1e-16.el6_5.15
M Operation on a Resource after Expiration or Release	<0:1.0.1e-16.el6_5.15
H NULL Pointer Dereference	<0:1.0.1e-16.el6_5.14
H Out-of-Bounds	<0:1.0.1e-16.el6_5.14
L Inadequate Encryption Strength	*
H Use After Free	<0:1.0.1e-16.el6_5.14
H Improper Enforcement of Behavioral Workflow	<0:1.0.1e-16.el6_5.14
H Resource Exhaustion	<0:1.0.1e-16.el6_5.14
H NULL Pointer Dereference	<0:1.0.1e-16.el6_5.14
L Improper Certificate Validation	*
L Information Exposure	*
M Client-Side Enforcement of Server-Side Security	*
L Covert Timing Channel	*
L Covert Timing Channel	*
M Uncontrolled Recursion	*
M Information Exposure	*
L Covert Timing Channel	*
M Missing Required Cryptographic Step	*
L Out-of-bounds Read	*
M Covert Timing Channel	*
M NULL Pointer Dereference	*
L Covert Timing Channel	*
M Inadequate Encryption Strength	*
M Missing Required Cryptographic Step	<0:1.0.1e-58.el6_10
L Access Restriction Bypass	*
M Information Exposure	*

Vulnerability

Vulnerable Version

Access of Resource Using Incompatible Type ('Type Confusion')