openssl-src vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2022-4304Mediumopenssl-src: openssl-src subject to Timing Oracle in RSA DecryptionCVE-2023-0215Highopenssl-src: openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`CVE-2022-4203Criticalopenssl-src: openssl-src contains Read Buffer Overflow in X.509 Name ConstraintCVE-2023-0216Highopenssl-src: openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functionsCVE-2022-4450Highopenssl-src: openssl-src contains Double free after calling `PEM_read_bio_ex`CVE-2023-0217Highopenssl-src: openssl-src subject to NULL dereference validating DSA public keyCVE-2023-0401Highopenssl-src: openssl-src contains `NULL` dereference during PKCS7 data verificationCVE-2023-0286Highcryptography: Vulnerable OpenSSL included in cryptography wheelsCVE-2022-3996Highopenssl-src: Denial of service by double-checked locking in openssl-srcCVE-2022-3602Criticalopenssl-src: X.509 Email Address 4-byte Buffer OverflowCVE-2022-3786Highopenssl-src: X.509 Email Address Variable Length Buffer OverflowCVE-2022-3358Highopenssl-src: Using a Custom Cipher with `NID_undef` may lead to NULL encryptionCVE-2022-2097Highopenssl-src: AES OCB fails to encrypt some bytesCVE-2022-2274Criticalopenssl-src: openssl-src heap memory corruption with RSA private key operationCVE-2021-3711Criticalopenssl-src: SM2 Decryption Buffer OverflowCVE-2021-3712Highopenssl-src: Read buffer overruns processing ASN.1 stringsCVE-2022-1343Mediumopenssl-src: `OCSP_basic_verify` may incorrectly verify the response signing certificateCVE-2022-1473Highopenssl-src: Resource leakage when decoding certificates and keysCVE-2022-1434Mediumopenssl-src: Incorrect MAC key used in the RC4-MD5 ciphersuiteCVE-2022-0778Highopenssl-src: openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificatesCVE-2021-4044Highopenssl-src: Invalid handling of `X509_verify_cert()` internal errors in libsslCVE-2021-3449Mediumopenssl-src: openssl-src NULL pointer Dereference in signature_algorithms processingCVE-2021-3450Highopenssl-src: Certificate check bypass in openssl-srcCVE-2021-23841Mediumopenssl-src: Integer Overflow in openssl-srcCVE-2021-23840Highopenssl-src: Integer Overflow in openssl-src

Stop the waste.
Protect your environment with Kodem.