openssl vulnerabilities

Known vulnerabilities in the openssl package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Use After Free	*
L Use After Free	*
L Covert Timing Channel	*
M Use After Free	*
M Out-of-bounds Read	*
M Arbitrary Command Injection	*
M Arbitrary Command Injection	*
M Arbitrary Command Injection	*
M Arbitrary Command Injection	*
L Information Exposure	*
L Covert Timing Channel	*
L Covert Timing Channel	*
L Covert Timing Channel	*
L Covert Timing Channel	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Information Exposure	*
L Information Exposure	*
L Information Exposure	*
L Covert Timing Channel	*
L Covert Timing Channel	*
L Covert Timing Channel	*
M Improper Certificate Validation	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Information Exposure	*
L Information Exposure	*
L Information Exposure	*
L Information Exposure	*
L Improper Certificate Validation	*
L Resource Exhaustion	*
H Out-of-bounds Write	*
M Resource Exhaustion	*
L Improper Certificate Validation	*
L Out-of-bounds Write	*
M NULL Pointer Dereference	*
M Integer Overflow or Wraparound	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Unchecked Error Condition	*
M Unchecked Error Condition	*
M Unchecked Error Condition	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
M Incorrect Calculation	*
M Incorrect Calculation	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
L Incorrect Calculation	*
L Incorrect Calculation	*
L Incorrect Calculation	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Resource Exhaustion	*
M Resource Exhaustion	*
H Resource Exhaustion	*
H Resource Exhaustion	*
M Covert Timing Channel	*
M Covert Timing Channel	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Use of a Broken or Risky Cryptographic Algorithm	*
L Improper Input Validation	*
L Improper Input Validation	*
L Improper Input Validation	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
M Information Exposure	*
M Information Exposure	*
M Covert Timing Channel	*
M Covert Timing Channel	*
M Covert Timing Channel	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
M Heap-based Buffer Overflow	*
M Heap-based Buffer Overflow	*
M Unchecked Error Condition	*
M Unchecked Error Condition	*
M Unchecked Error Condition	*
M Unchecked Error Condition	*
L Numeric Errors	*
L CVE-2016-0705	*
M Heap-based Buffer Overflow	*
M Heap-based Buffer Overflow	*
L Out-of-Bounds	*
L Out-of-Bounds	*
L Out-of-Bounds	*
L Out-of-Bounds	*
L Race Condition	*
L Race Condition	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
L Use After Free	*
L Information Exposure	*
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
M Out-of-Bounds	*
M Out-of-Bounds	*
M Out-of-Bounds	*
M NULL Pointer Dereference	*
M Improper Input Validation	*
M Improper Input Validation	*
M Missing Release of Resource after Effective Lifetime	*
M Missing Release of Resource after Effective Lifetime	*
H Information Exposure	*
H Information Exposure	*
H Information Exposure	<0:0.9.8e-12.el5_6.13
H Information Exposure	<0:0.9.7a-43.23.el4
L Information Exposure	<0:0.9.8e-12.el5_6.13
L Information Exposure	<0:0.9.7a-43.23.el4
M Reachable Assertion	<0:0.9.8e-12.el5_6.13
M Reachable Assertion	<0:0.9.7a-43.23.el4
L Cryptographic Issues	*
L Cryptographic Issues	*
L Cryptographic Issues	*
H Out-of-Bounds	*
H Out-of-Bounds	<0:0.9.8e-7.el5_3.2
L Cryptographic Issues	*
H Out-of-Bounds	<0:0.9.7a-43.20.el4
H Out-of-Bounds	<0:0.9.7a-33.28
M CVE-2014-3571	*
M CVE-2014-3571	*
L Cryptographic Issues	*
M Memory Leak	*
L Cryptographic Issues	*
M Information Exposure	<0:0.9.8e-12.el5_6.13
M Information Exposure	<0:0.9.7a-43.23.el4
M Information Exposure	<0:0.9.8e-12.el5_6.13
M Information Exposure	<0:0.9.7a-43.23.el4
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Integer Overflow or Wraparound	*
H Improper Enforcement of Behavioral Workflow	*
H Improper Enforcement of Behavioral Workflow	*
H Improper Enforcement of Behavioral Workflow	*
H Improper Enforcement of Behavioral Workflow	<0:0.9.8e-12.el5_6.12
H Improper Enforcement of Behavioral Workflow	<0:0.9.7a-43.22.el4
L Race Condition	*
M CVE-2015-1790	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
L Information Exposure	*
L Information Exposure	*
L Information Exposure	*
L Information Exposure	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M Client-Side Enforcement of Server-Side Security	*
M Client-Side Enforcement of Server-Side Security	*
M Client-Side Enforcement of Server-Side Security	*
M Client-Side Enforcement of Server-Side Security	*
M Double Free	*
M Information Exposure	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
L Use of a Broken or Risky Cryptographic Algorithm	*
M Improper Data Handling	*
M Improper Data Handling	*

Vulnerability

Vulnerable Version

Use After Free