openssl-libs vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openssl-libs package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • L
Information Exposure

*
  • L
NULL Pointer Dereference

*
  • L
Reversible One-Way Hash

*
  • L
Missing Required Cryptographic Step

*
  • L
Excessive Iteration

*
  • L
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Improper Certificate Validation

*
  • L
Improper Certificate Validation

*
  • L
Resource Exhaustion

*
  • H
Incorrect Type Conversion or Cast

<1:1.0.2k-26.el7_9
  • M
Use After Free

*
  • M
Information Exposure

*
  • L
NULL Pointer Dereference

*
  • M
Arbitrary Command Injection

*
  • M
Arbitrary Command Injection

*
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.0.2k-25.el7_9
  • M
Out-of-bounds Read

<1:1.0.2k-23.el7_9
  • M
Unchecked Error Condition

<1:1.0.2k-12.el7
  • M
Incorrect Calculation

<1:1.0.2k-12.el7
  • M
Integer Overflow or Wraparound

<1:1.0.2k-12.el7
  • M
Integer Overflow or Wraparound

<1:1.0.1e-60.el7_3.1
  • M
Resource Exhaustion

<1:1.0.1e-60.el7_3.1
  • H
Integer Overflow or Wraparound

<1:1.0.1e-51.el7_2.7
  • H
Out-of-bounds Read

<1:1.0.1e-51.el7_2.7
  • H
Missing Release of Resource after Effective Lifetime

<1:1.0.1e-51.el7_2.7
  • H
Resource Exhaustion

<1:1.0.1e-51.el7_2.7
  • H
Out-of-bounds Read

<1:1.0.1e-51.el7_2.7
  • H
Covert Timing Channel

<1:1.0.1e-51.el7_2.7
  • H
Improper Input Validation

<1:1.0.1e-51.el7_2.7
  • H
Unchecked Error Condition

<1:1.0.1e-51.el7_2.7
  • H
Integer Overflow or Wraparound

<1:1.0.1e-51.el7_2.7
  • H
Improper Input Validation

<1:1.0.1e-51.el7_2.5
  • H
Integer Overflow or Wraparound

<1:1.0.1e-51.el7_2.5
  • H
Out-of-bounds Write

<1:1.0.1e-51.el7_2.5
  • H
Out-of-Bounds

<1:1.0.1e-51.el7_2.5
  • H
Out-of-bounds Write

<1:1.0.1e-51.el7_2.5
  • H
Integer Overflow or Wraparound

<1:1.0.1e-51.el7_2.5
  • H
Cryptographic Issues

<1:1.0.1e-51.el7_2.5
  • H
Information Exposure

<1:1.0.1e-51.el7_2.4
  • H
Cryptographic Issues

<1:1.0.1e-51.el7_2.4
  • H
CVE-2016-0797

<1:1.0.1e-51.el7_2.4
  • H
CVE-2016-0705

<1:1.0.1e-51.el7_2.4
  • H
Cryptographic Issues

<1:1.0.1e-51.el7_2.4
  • M
Improper Data Handling

<1:1.0.1e-51.el7_2.2
  • M
Race Condition

<1:1.0.1e-51.el7_2.1
  • M
CVE-2015-3194

<1:1.0.1e-51.el7_2.1
  • M
Memory Leak

<1:1.0.1e-51.el7_2.1
  • M
Out-of-Bounds

<1:1.0.1e-42.el7_1.8
  • M
Numeric Errors

<1:1.0.1e-42.el7_1.8
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1:1.0.1e-42.el7_1.6
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.0.1e-42.el7_1.8
  • M
CVE-2015-1790

<1:1.0.1e-42.el7_1.8
  • M
Use of a Broken or Risky Cryptographic Algorithm

*
  • M
Out-of-bounds Read

<1:1.0.1e-42.el7_1.8
  • M
Race Condition

<1:1.0.1e-42.el7_1.8
  • M
Reachable Assertion

<1:1.0.1e-42.el7_1.4
  • M
Integer Overflow or Wraparound

<1:1.0.1e-42.el7_1.4
  • M
Out-of-bounds Write

<1:1.0.1e-42.el7_1.4
  • M
Untrusted Pointer Dereference

<1:1.0.1e-42.el7_1.4
  • M
Information Exposure

<1:1.0.1e-42.el7_1.4
  • M
Use After Free

<1:1.0.1e-42.el7_1.4
  • M
NULL Pointer Dereference

<1:1.0.1e-42.el7_1.4
  • M
NULL Pointer Dereference

<1:1.0.1e-42.el7_1.4
  • M
Information Exposure

<1:1.0.1e-42.el7_1.4
  • M
Cryptographic Issues

<1:1.0.1e-34.el7_0.7
  • M
Cryptographic Issues

<1:1.0.1e-34.el7_0.7
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1:1.0.1e-34.el7_0.7
  • M
Cryptographic Issues

<1:1.0.1e-34.el7_0.7
  • M
Cryptographic Issues

<1:1.0.1e-34.el7_0.7
  • M
CVE-2014-3571

<1:1.0.1e-34.el7_0.7
  • M
Memory Leak

<1:1.0.1e-34.el7_0.7
  • M
NULL Pointer Dereference

<1:1.0.1e-34.el7_0.4
  • H
Memory Leak

<1:1.0.1e-34.el7_0.6
  • H
Memory Leak

<1:1.0.1e-34.el7_0.6
  • M
Missing Authorization

<1:1.0.1e-34.el7_0.4
  • M
Memory Leak

<1:1.0.1e-34.el7_0.4
  • M
Race Condition

<1:1.0.1e-34.el7_0.4
  • M
Detection of Error Condition Without Action

<1:1.0.1e-34.el7_0.4
  • M
Information Exposure

<1:1.0.1e-34.el7_0.4
  • M
Operation on a Resource after Expiration or Release

<1:1.0.1e-34.el7_0.4
  • H
NULL Pointer Dereference

<1:1.0.1e-34.el7_0.3
  • H
Out-of-Bounds

<1:1.0.1e-34.el7_0.3
  • H
Use After Free

<1:1.0.1e-34.el7_0.3
  • H
Improper Enforcement of Behavioral Workflow

<1:1.0.1e-34.el7_0.3
  • H
Resource Exhaustion

<1:1.0.1e-34.el7_0.3
  • H
NULL Pointer Dereference

<1:1.0.1e-34.el7_0.3
  • H
NULL Pointer Dereference

<1:1.0.2k-21.el7_9
  • L
Improper Certificate Validation

*
  • L
Information Exposure

*
  • L
Integer Overflow or Wraparound

*
  • M
Client-Side Enforcement of Server-Side Security

*
  • M
Covert Timing Channel

<1:1.0.2k-16.el7_6.1
  • M
Covert Timing Channel

<1:1.0.2k-19.el7
  • M
Uncontrolled Recursion

<1:1.0.2k-16.el7
  • M
Information Exposure

<1:1.0.2k-16.el7
  • M
Covert Timing Channel

<1:1.0.2k-16.el7
  • M
Missing Required Cryptographic Step

<1:1.0.2k-16.el7
  • M
Out-of-bounds Read

<1:1.0.2k-16.el7
  • M
Covert Timing Channel

<1:1.0.2k-8.el7
  • M
Integer Overflow or Wraparound

<1:1.0.2k-22.el7_9
  • M
NULL Pointer Dereference

<1:1.0.2k-22.el7_9
  • L
Covert Timing Channel

*
  • M
Missing Required Cryptographic Step

<1:1.0.2k-19.el7
  • M
Information Exposure

<1:1.0.2k-16.el7_6.1