Homepage

openssl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-5535

<3.3.2-1
  • H
CVE-2023-5363

<3.0.12-1
  • M
Improper Check for Unusual or Exceptional Conditions

<3.0.12-2
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<3.0.8-1
  • H
NULL Pointer Dereference

<3.0.8-1
  • L
CVE-2024-4603

<3.2.2-1
  • L
CVE-2024-13176

<3.4.1-1
  • M
Integer Overflow or Wraparound

<1.1.1j-1
  • L
CVE-2024-4741

<3.2.2-1
  • M
Out-of-bounds Write

<3.1.5-1
  • L
CVE-2025-4575

<3.5.0-2
  • L
CVE-2024-12797

<3.4.1-1
  • M
Out-of-bounds Read

<3.0.9-1
  • M
Excessive Iteration

<3.0.10-1
  • M
Improper Certificate Validation

<3.0.9-1
  • M
Information Exposure

<3.0.8-1
  • H
Buffer Overflow

<3.0.7-1
  • M
CVE-2024-0727

<3.1.5-1
  • H
Improper Locking

<3.0.7-2
  • H
Improper Certificate Validation

<3.0.9-1
  • L
Use of a Broken or Risky Cryptographic Algorithm

<1.1.0h-3
  • L
Information Exposure

<1.1.0h-1
  • M
Improper Authentication

<3.0.10-1
  • L
Information Exposure

<1.1.1e-1
  • L
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1d-1
  • H
Improper Access Control

<1.1.0c-1
  • M
NULL Pointer Dereference

<1.1.1k-1
  • C
Buffer Overflow

<1.1.1l-1
  • H
Double Free

<3.0.8-1
  • H
Integer Overflow or Wraparound

<1.1.1j-1
  • M
Use of Insufficiently Random Values

<1.1.1d-1
  • M
Information Exposure

<1.1.0d-1
  • H
OS Command Injection

<3.0.4-1
  • M
Information Exposure

<1.1.1~~pre9-1
  • H
Out-of-bounds Read

<1.0.2i-1
  • H
OS Command Injection

<1.1.1o-1
  • L
Cryptographic Issues

<1.0.2b-1
  • C
CVE-2016-0705

<1.0.2g-1
  • M
Information Exposure

<1.1.0b-2
  • M
Numeric Errors

<1.0.2e-1
  • M
Information Exposure

<1.0.0c-2
  • C
Out-of-bounds Write

<1.0.2i-1
  • M
Out-of-Bounds

<1.1.0g-1
  • H
Improper Input Validation

<1.0.2i-1
  • M
Cryptographic Issues

<1.0.0c-2
  • M
Resource Management Errors

<1.0.2b-1
  • L
Integer Overflow or Wraparound

<1.0.2i-1
  • M
Key Management Errors

<1.0.2a-1
  • M
Uncontrolled Recursion

<1.1.0h-1
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1a-1
  • M
Race Condition

<1.0.2b-1
  • M
Information Exposure

<1.0.1i-1
  • H
NULL Pointer Dereference

<1.1.0c-1
  • M
Cryptographic Issues

<1.0.1j-1
  • H
Resource Management Errors

<1.0.2i-1
  • L
Key Management Errors

<1.1.0c-1
  • C
Out-of-Bounds

<1.0.2g-1
  • M
Out-of-bounds Read

<1.0.2i-1
  • H
Numeric Errors

<1.0.2h-1
  • M
Cryptographic Issues

<1.0.1e-5
  • M
Out-of-Bounds

<1.0.1h-1
  • H
Numeric Errors

<1.0.2i-1
  • H
Out-of-Bounds

<1.0.1a-1
  • H
Out-of-Bounds

<1.0.2b-1
  • M
Code

<1.0.1k-2
  • M
Cryptographic Issues

<1.0.0c-2
  • M
CVE-2014-3571

<1.0.1k-1
  • H
Resource Management Errors

<1.0.2g-1
  • L
Resource Management Errors

<1.0.0f-1
  • H
Information Exposure

<1.0.2e-1
  • C
Out-of-Bounds

<1.0.2c-1
  • M
Resource Management Errors

<1.0.1h-1
  • H
CVE-2016-0797

<1.0.2g-1
  • M
Improper Input Validation

<1.0.1j-1
  • L
Cryptographic Issues

<1.0.1g-1
  • L
CVE-2024-2511

<3.2.2-1
  • M
Resource Management Errors

<1.0.1i-1
  • M
CVE-2015-0288

<1.0.1k-2
  • M
CVE-2015-0289

<1.0.1k-2
  • M
Improper Input Validation

<1.0.1f-1
  • M
CVE-2010-4180

<0.9.8o-4
  • M
CVE-2014-3505

<1.0.1i-1
  • L
CVE-2025-27587

<3.5.0-1
  • M
CVE-2015-0209

<1.0.1k-2
  • M
Cryptographic Issues

<0.9.8a-1
  • L
Cryptographic Issues

<1.0.1e-1
  • M
Race Condition

<1.0.2d-1
  • L
Cryptographic Issues

<1.0.0e-1
  • M
CVE-2014-3569

<1.0.1k-1
  • M
Improper Input Validation

<0.9.8g-15
  • L
Inadequate Encryption Strength

<1.0.0d-1
  • M
Resource Management Errors

<1.0.0e-1
  • M
Resource Management Errors

<1.0.0h-1
  • L
Cryptographic Issues

<0.9.8k-4
  • L
Numeric Errors

<0.9.8f-1
  • M
NULL Pointer Dereference

<0.9.8c-2
  • H
Improper Certificate Validation

<1.1.1k-1
  • L
Resource Management Errors

<0.9.8o-2
  • M
Race Condition

<1.0.1i-1
  • L
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1c-1
  • M
Inefficient Regular Expression Complexity

<3.0.10-1
  • M
Cryptographic Issues

<0.9.8k-1
  • H
Out-of-Bounds

<1.0.1i-1
  • L
Resource Management Errors

<0.9.8k-8
  • M
CVE-2003-0544

<0.9.7c
  • L
CVE-2009-1386

<0.9.8k-1
  • L
Cryptographic Issues

<1.1.0b-2
  • L
CVE-2005-2969

<0.9.8-3
  • M
Cryptographic Issues

<0.9.8b-3
  • H
NULL Pointer Dereference

<1.1.1g-1
  • H
CVE-2004-0079

<0.9.7d-1
  • M
Numeric Errors

<1.0.1c-1
  • H
Resource Management Errors

<1.0.0c-1
  • M
CVE-2003-0147

<0.9.7b-1
  • L
Cryptographic Issues

<1.0.0h-1
  • M
Information Exposure

<1.1.0g-1
  • M
Access Restriction Bypass

<1.0.0e-1
  • H
Resource Exhaustion

<1.0.2j-1
  • L
Out-of-Bounds

<0.9.8g-16
  • H
Race Condition

<0.9.8o-3
  • L
Information Exposure

<1.0.2i-1
  • H
Numeric Errors

<1.0.2h-1
  • M
Information Exposure

<1.0.2e-1
  • M
Improper Input Validation

<0.9.8n-1
  • L
Resource Management Errors

<0.9.8o-5
  • M
Cryptographic Issues

<0.9.8k-6
  • L
CVE-2024-9143

<3.3.2-2
  • M
Improper Input Validation

<1.0.0c-2
  • L
CVE-2023-6237

<3.1.5-1
  • M
Cryptographic Issues

<1.0.1k-1
  • L
Cryptographic Issues

<0.9.8-1
  • C
Out-of-Bounds

<0.9.8c-2
  • H
Resource Management Errors

<0.9.8c-2
  • M
Cryptographic Issues

<1.0.1k-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<3.3.2-1
  • M
CVE-2014-3510

<1.0.1i-1
  • H
CVE-2002-0656

<0.9.6e-1
  • H
Use After Free

<3.0.8-1
  • M
Allocation of Resources Without Limits or Throttling

<3.0.9-1
  • H
NULL Pointer Dereference

<3.0.8-1
  • M
Resource Management Errors

<1.0.1i-1
  • M
Code

<1.0.1k-2
  • H
NULL Pointer Dereference

<3.0.8-1
  • H
Cryptographic Issues

<0.9.6-1
  • M
CVE-2014-0198

<1.0.1g-4
  • M
Use of a Broken or Risky Cryptographic Algorithm

<3.0.5-1
  • M
CVE-2004-0112

<0.9.7d-1
  • M
Improper Certificate Validation

<3.0.9-1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<1.1.1n-1
  • H
Out-of-bounds Read

<1.1.1l-1
  • C
Out-of-bounds Write

<3.0.4-2
  • H
Inadequate Encryption Strength

<1.0.1h-1
  • H
NULL Pointer Dereference

<3.0.7-1
  • L
Information Exposure

<1.1.0c-1
  • M
Out-of-bounds Read

<3.0.8-1
  • M
Resource Management Errors

<1.0.0g-1
  • H
Buffer Overflow

<3.0.7-1
  • M
CVE-2021-4160

<1.1.1m-1
  • M
Cryptographic Issues

<1.0.1h-1
  • L
Cryptographic Issues

<1.0.0e-1
  • L
Cryptographic Issues

<1.0.1j-1
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1.1.1a-1
  • H
Out-of-bounds Read

<1.1.0d-1
  • L
Key Management Errors

<1.1.1-1
  • M
CVE-2014-5139

<1.0.1i-1
  • H
Improper Input Validation

<1.1.0e-1
  • L
Resource Management Errors

<0.9.8k-1
  • M
CVE-2019-1547

<1.1.1d-1
  • L
CVE-2018-0733

<1.1.0h-1
  • L
Improper Input Validation

<0.9.8m-1
  • L
Cryptographic Issues

<1.0.0f-1
  • M
CVE-2004-0081

<0.9.6d-1
  • H
Resource Management Errors

<1.0.2h-1
  • M
Out-of-bounds Read

<1.1.0b-2
  • M
CVE-2004-0975

<0.9.7e-3
  • M
Cryptographic Issues

<1.0.2h-1
  • C
Out-of-Bounds

<1.0.2g-1
  • M
Information Exposure

<1.0.0c-2
  • M
Numeric Errors

<0.9.8g-10.1
  • M
Information Exposure

<1.0.2g-1
  • H
Resource Management Errors

<1.0.2i-1
  • M
Security Features

<1.0.2d-1
  • H
NULL Pointer Dereference

<1.0.2j-1
  • C
Out-of-bounds Write

<1.0.2i-1
  • H
NULL Pointer Dereference

<1.1.0d-1
  • M
NULL Pointer Dereference

<1.1.1i-1
  • M
CVE-2002-0659

<0.9.6e-1
  • M
Improper Data Handling

<1.0.1f-1
  • H
CVE-2015-3194

<1.0.2e-1
  • H
Out-of-Bounds

<1.0.1h-1
  • M
Resource Management Errors

<1.0.2b-1
  • H
Out-of-Bounds

<1.0.1h-1
  • M
Cryptographic Issues

<1.0.1k-1
  • L
Information Exposure

<1.0.2f-2
  • M
Improper Input Validation

<1.0.1j-1
  • L
Race Condition

<1.0.1g-3
  • M
CVE-2015-1790

<1.0.2b-1
  • M
Cryptographic Issues

<1.0.1k-1
  • M
Out-of-Bounds

<1.0.1k-1
  • M
Cryptographic Issues

<1.0.1e-1
  • M
Cryptographic Issues

<1.0.1e-1
  • L
Resource Management Errors

<1.0.0h-1
  • M
CVE-2014-3511

<1.0.1i-1
  • L
Cryptographic Issues

<1.0.1e-5
  • M
Cryptographic Issues

<1.0.1k-1
  • L
Resource Management Errors

<0.9.8k-1
  • H
Cryptographic Issues

<0.9.8g-9
  • M
Cryptographic Issues

<1.0.0f-1
  • M
Improper Authentication

<0.9.8g-10.1
  • M
Resource Management Errors

<1.0.0f-1
  • M
Cryptographic Issues

<0.9.8o-4squeeze3
  • H
Improper Authentication

<0.9.8-1
  • H
CVE-2003-0131

<0.9.7b-1
  • H
Resource Management Errors

<0.9.8c-2
  • M
CVE-2002-1568

<0.9.6g-1
  • L
Cryptographic Issues

<1.0.1e-5
  • L
Resource Management Errors

<0.9.8k-2
  • H
CVE-2002-0655

<0.9.6e-1
  • H
Out-of-Bounds

<1.0.1g-1
  • L
Out-of-Bounds

<0.9.8k-1
  • H
CVE-2002-0657

<0.9.6e-1
  • M
CVE-2006-7250

<1.0.0h-1
  • L
Numeric Errors

<0.9.8e-9
  • L
CVE-2007-3108

<0.9.8e-6
  • M
CVE-2003-0543

<0.9.7c
  • M
CVE-2003-0078

<0.9.7a-1
  • C
Out-of-Bounds

<0.9.7c