openssl-libs vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openssl-libs package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L Information Exposure	<1:1.1.1k-12.el8_9
L Improper Certificate Validation	*
L Covert Timing Channel	*
L Information Exposure	<1:1.1.1k-14.el8_6
L Use After Free	*
L Resource Exhaustion	*
L NULL Pointer Dereference	*
L Missing Required Cryptographic Step	<1:1.1.1k-12.el8_9
L Excessive Iteration	<1:1.1.1k-12.el8_9
L Resource Exhaustion	<1:1.1.1k-12.el8_9
L Resource Exhaustion	*
M Improper Certificate Validation	*
L Improper Certificate Validation	*
L Resource Exhaustion	*
H Incorrect Type Conversion or Cast	<1:1.1.1k-9.el8_7
H Use After Free	<1:1.1.1k-9.el8_7
H Double Free	<1:1.1.1k-9.el8_7
H Information Exposure	<1:1.1.1k-9.el8_7
M Missing Required Cryptographic Step	<1:1.1.1k-7.el8_6
M Arbitrary Command Injection	<1:1.1.1k-7.el8_6
M Arbitrary Command Injection	<1:1.1.1k-7.el8_6
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:1.1.1k-6.el8_5
M Out-of-bounds Read	<1:1.1.1k-5.el8_5
H Improper Certificate Validation	<1:1.1.1g-15.el8_3
H NULL Pointer Dereference	<1:1.1.1g-15.el8_3
M Information Exposure	<1:1.1.1c-15.el8
H NULL Pointer Dereference	<1:1.1.1g-12.el8_3
L Reusing a Nonce	<1:1.1.1c-2.el8
M Information Exposure	<1:1.1.1c-15.el8
L Integer Overflow or Wraparound	<1:1.1.1g-11.el8
M Client-Side Enforcement of Server-Side Security	<1:1.1.1c-15.el8
L Covert Timing Channel	<1:1.1.1c-2.el8
L Covert Timing Channel	<1:1.1.1c-2.el8
M Integer Overflow or Wraparound	<1:1.1.1k-4.el8
M NULL Pointer Dereference	<1:1.1.1k-4.el8