openssl vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-45784Mediumopenssl: rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphersCVE-2026-44662Mediumopenssl: rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-paddingCVE-2026-42327Highopenssl: rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLsCVE-2026-41676Highopenssl: rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1CVE-2026-41677Lowopenssl: rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized lengthCVE-2026-41678Highopenssl: rust-openssl has incorrect bounds assertion in aes key wrapCVE-2026-41681Highopenssl: rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length checkCVE-2026-41898Highopenssl: rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peerGHSA-4FCV-W3QC-PPGGMediumopenssl: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch`CVE-2025-24898Mediumopenssl: rust-openssl ssl::select_next_proto use after freeGHSA-Q445-7M23-QRMWMediumopenssl: openssl's `MemBio::get_buf` has undefined behavior with empty buffersGHSA-XPHF-CX8H-7Q9GMediumopenssl: `openssl` `X509StoreRef::objects` is unsoundCVE-2023-49210Criticalopenssl: openssl npm package vulnerable to command executionCVE-2023-53159Mediumopenssl: `openssl` `X509VerifyParamRef::set_host` buffer over-readGHSA-3GXF-9R58-2GHGMediumopenssl: `openssl` `X509NameBuilder::build` returned object is not thread safeGHSA-9QWG-CRG9-M2VCHighopenssl: `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file readGHSA-6HCF-G6GR-HHCRHighopenssl: `openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereferenceCVE-2017-14033Highopenssl: Ruby OpenSSL DoS VulnerabilityCVE-2018-16395Criticalopenssl: Ruby Openssl Allows Incorrect Value ComparisonCVE-2018-20997Criticalopenssl: Use after free in opensslCVE-2016-10931Highopenssl: Improper Certificate Validation in opensslCVE-2016-7798Highopenssl: OpenSSL gem for Ruby using inadequate encryption strength

Stop the waste.
Protect your environment with Kodem.