openssl

298 tracked vulnerabilities.

CVE-2024-0727 MEDIUM
OpenSSL 1.0.2-1.0.2zj, 1.1.1-1.1.1w, 3.0.0-3.0.12, 3.1.0-3.1.4, 3.2.0 - DoS via PKCS12 NULL Pointer Dereference
Jan 26, 2024
CVSS 5.5
EPSS 0.03
CVE-2023-6237 MEDIUM
OpenSSL 3.0.0-3.0.12, 3.1.0-3.1.4, 3.2.0 - Denial of Service via RSA Public Key Validation
Apr 25, 2024
CVSS 5.9
EPSS 0.02
CVE-2023-6129 MEDIUM
OpenSSL - PowerPC CPU - Memory Corruption
Jan 09, 2024
CVSS 6.5
EPSS 0.02
CVE-2023-5678 MEDIUM
OpenSSL 1.0.2-1.0.2zj, 1.1.1-1.1.1x, 3.0.0-3.0.13, 3.1.0-3.1.5 - DoS via Excessive X9.42 DH Key Length
Nov 06, 2023
CVSS 5.3
EPSS 0.04
CVE-2023-5363 HIGH
OpenSSL 3.0.0-3.0.11 and 3.1.0-3.1.3 - Loss of Confidentiality via IV Truncation in Symmetric Cipher Initialization
Oct 25, 2023
CVSS 7.5
EPSS 0.03
CVE-2023-4807 HIGH
OpenSSL 1.1.1-1.1.1w - Denial of Service via POLY1305 MAC State Corruption on Windows 64
Sep 08, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-3817 MEDIUM
OpenSSL 3.0.0-3.0.9 - Denial of Service via DH Parameter Check
Jul 31, 2023
CVSS 5.3
EPSS 0.03
CVE-2023-3446 MEDIUM
OpenSSL - Denial of Service via DH Parameter Check
Jul 19, 2023
CVSS 5.3
EPSS 0.06
CVE-2023-2975 MEDIUM
OpenSSL 3.0.0-3.0.8 - Improper Authentication in AES-SIV Cipher
Jul 14, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-2650 MEDIUM
OpenSSL - Denial of Service via ASN.1 Object Identifier Processing
May 30, 2023
CVSS 6.5
EPSS 0.75
CVE-2023-1255 MEDIUM
OpenSSL 3.0.0-3.0.8 - Denial of Service via AES-XTS Cipher Decryption Buffer Overread
Apr 20, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-0466 MEDIUM
OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via X509_VERIFY_PARAM_add0_policy
Mar 28, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-0465 MEDIUM
OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via Policy Processing
Mar 28, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-0464 HIGH
OpenSSL 1.0.2-1.0.2zh - Denial of Service via Malicious X.509 Certificate Chain with Policy Constraints
Mar 22, 2023
CVSS 7.5
EPSS 0.04
CVE-2023-0401 HIGH
OpenSSL 3.0.0-3.0.6 - NULL Pointer Dereference in PKCS7 Signature Verification
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0286 HIGH
OpenSSL 1.0.2-1.0.2zg - Type Confusion in X.400 Address Processing
Feb 08, 2023
CVSS 7.4
EPSS 0.60
CVE-2023-0217 HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed DSA Public Key Check
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0216 HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed PKCS7 Data
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0215 HIGH
OpenSSL 1.0.2-1.0.2zg - Use-After-Free in BIO_new_NDEF
Feb 08, 2023
CVSS 7.5
EPSS 0.04
CVE-2022-4203 MEDIUM
OpenSSL 3.0.0-3.0.7 - Out-of-bounds Read in X.509 Name Constraint Checking
Feb 24, 2023
CVSS 4.9
EPSS 0.01
CVE-2022-4450 HIGH
OpenSSL 1.1.1-1.1.1s - Double Free in PEM_read_bio_ex
Feb 08, 2023
CVSS 7.5
EPSS 0.20
CVE-2022-4304 MEDIUM
OpenSSL - Timing Side-Channel Attack in RSA Decryption
Feb 08, 2023
CVSS 5.9
EPSS 0.16
CVE-2022-3996 HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed X.509 Policy Constraint
Dec 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-3786 HIGH
OpenSSL 3.0.0-3.0.7 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.92
CVE-2022-3602 HIGH
OpenSSL 3.0.0-3.0.6 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.91