Homepage

openssl vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-4603

<1:3.2.2-6.0.1.el9_5
  • L
CVE-2024-5535

<1:3.2.2-6.0.1.el9_5
  • L
CVE-2024-4741

<1:3.2.2-6.0.1.el9_5
  • L
CVE-2024-2511

<1:3.2.2-6.0.1.el9_5
  • M
CVE-2024-6119

<2:3.0.7-28.0.1.ksplice1.el9_4
  • L
Improper Authentication

<1:3.0.7-27.0.3.el9
  • L
Improper Check for Unusual or Exceptional Conditions

<1:3.0.7-27.0.3.el9
  • L
CVE-2023-6237

<1:3.0.7-27.0.3.el9
  • L
Excessive Iteration

<1:3.0.7-27.0.3.el9
  • L
Inefficient Regular Expression Complexity

<1:3.0.7-27.0.3.el9
  • L
CVE-2024-0727

<1:3.0.7-27.0.3.el9
  • L
Out-of-bounds Write

<1:3.0.7-27.0.3.el9
  • H
CVE-2023-5363

<2:3.0.7-25.0.1.ksplice1.el9_3
  • M
Improper Certificate Validation

<1:3.0.7-16.0.1.el9_2
  • M
Allocation of Resources Without Limits or Throttling

<1:3.0.7-16.0.1.el9_2
  • M
Improper Certificate Validation

<1:3.0.7-16.0.1.el9_2
  • M
Out-of-bounds Read

<1:3.0.7-16.0.1.el9_2
  • M
Improper Certificate Validation

<1:3.0.7-16.0.1.el9_2
  • L
NULL Pointer Dereference

<1:3.0.7-6.0.1.el9_2
  • M
Double Free

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
NULL Pointer Dereference

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
Use After Free

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
Information Exposure

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
NULL Pointer Dereference

<2:3.0.1-47.0.1.ksplice1.el9_1
  • M
Out-of-bounds Read

<1:3.0.1-47.0.1.el9_1
  • M
NULL Pointer Dereference

<2:3.0.1-47.0.1.ksplice1.el9_1
  • H
Buffer Overflow

<2:3.0.1-41.0.3.ksplice1.el9
  • H
Out-of-bounds Write

<2:3.0.1-41.0.3.ksplice1.el9
  • M
Incomplete Cleanup

<2:3.0.1-41.0.1.ksplice1.el9_0
  • M
Improper Certificate Validation

<2:3.0.1-41.0.1.ksplice1.el9_0
  • M
OS Command Injection

<2:3.0.1-41.0.1.ksplice1.el9_0
  • M
Use of a Broken or Risky Cryptographic Algorithm

<2:3.0.1-41.0.1.ksplice1.el9_0
  • M
OS Command Injection

<2:3.0.1-41.0.1.ksplice1.el9_0