VYPR

OpenSSL

by OpenSSL Project

TLS/SSL and cryptography toolkit.

library. License: Apache-2.0

Source repositories

CVEs (378)

  • CVE-2023-5678 (Med) Nov 6, 2023
    risk 0.34, cvss 5.3, epss 0.04

    Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise,…

  • CVE-2026-42771 (Med) Jun 9, 2026
    risk 0.33, cvss 6.2, epss 0.00

    Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Impact summary: This out of bounds read will not directly exfiltrate the data read…

  • CVE-2016-0702 (Med) Mar 3, 2016
    risk 0.33, cvss 5.1, epss 0.02

    The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a…

  • CVE-2014-3566 (Low) Oct 15, 2014
    risk 0.33, cvss 3.4, epss 1.00

    The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

  • CVE-2024-2511 (Med) Apr 8, 2024
    risk 0.32, cvss 5.9, epss 0.54

    Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This…

  • CVE-2026-42767 (Med) Jun 9, 2026
    risk 0.31, cvss 5.9, epss 0.00

    Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker…

  • CVE-2026-42766 (Med) Jun 9, 2026
    risk 0.31, cvss 5.9, epss 0.01

    Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgori…

  • CVE-2025-68160 (Med) Jan 27, 2026
    risk 0.31, cvss 4.7, epss 0.00

    Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results…

  • CVE-2025-9232 (Med) Sep 30, 2025
    risk 0.31, cvss 5.9, epss 0.02

    Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read…

  • CVE-2023-6237 (Med) Apr 25, 2024
    risk 0.31, cvss 5.9, epss 0.02

    Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an…

  • CVE-2016-0701 (Low) Feb 15, 2016
    risk 0.31, cvss 3.7, epss 0.84

    The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple…

  • CVE-2024-0727 (Med) Jan 26, 2024
    risk 0.29, cvss 5.5, epss 0.03

    Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash, leading to a potential Denial of Service attack. Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can…

  • CVE-2016-20012 (Med) Sep 15, 2021
    risk 0.28, cvss 5.3, epss 0.05

    OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a…

  • CVE-2026-42769 (Med) Jun 9, 2026
    risk 0.27, cvss 5.3, epss 0.00

    Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration…

  • CVE-2026-35414 (Med) Apr 2, 2026
    risk 0.27, cvss 4.2, epss 0.00

    OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

  • CVE-2024-4603 (Med) May 16, 2024
    risk 0.27, cvss 5.3, epss 0.01

    Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or…

  • CVE-2026-35188 (Med) Jun 9, 2026
    risk 0.26, cvss 5.0, epss 0.00

    Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation allows an attacker to corrupt…

  • CVE-2025-69418 (Med) Jan 27, 2026
    risk 0.26, cvss 4.0, epss 0.00

    Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15…

  • CVE-2026-45446 (Med) Jun 9, 2026
    risk 0.24, cvss 4.8, epss 0.00

    Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with…

  • CVE-2021-36368 (Low) Mar 13, 2022
    risk 0.24, cvss 3.7, epss 0.02

    An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether…

Page 7 of 19