OpenSSL — Vulnerabilities & Security Advisories 122

All 122 CVE vulnerabilities found in OpenSSL, with AI-generated Chinese analysis, references, and POCs.

This page aggregates known vulnerabilities and weaknesses associated with the OpenSSL cryptography toolkit, covering diverse weakness types and associated security tags. It collects data on critical flaws, ranging from buffer overflows and memory corruption issues to logic errors and protocol implementation defects, encompassing reports published over the last ten years. By reviewing this curated collection, users can systematically track a vendor's security advisories as they are released, gain a deeper understanding of a specific weakness class through its manifestation in this widely used software, and inspect a product's comprehensive vulnerability history to identify recurring patterns or legacy risks. The OpenSSL library is foundational to many internet services, making its security posture a high priority for developers, system administrators, and security researchers. This resource provides a centralized view of past incidents, helping stakeholders assess the impact of historical bugs and evaluate the current risk landscape. The entries include details on severity, affected versions, and mitigation strategies where available, offering a structured approach to analyzing the software's security track record. This information is essential for conducting risk assessments, planning patch management cycles, and ensuring compliance with security standards. Understanding the context of these vulnerabilities aids in making informed decisions about software usage and upgrade paths, ultimately contributing to a more secure digital infrastructure.

Vendor: OpenSSL

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-3450 | CA certificate check bypass with X509_V_FLAG_X509_STRICT | 9.1 | - | 2021-03-25 |
| CVE-2021-23841 | Null pointer deref in X509_issuer_and_serial_hash() | 5.9 | - | 2021-02-16 |
| CVE-2021-23839 | Incorrect SSLv2 rollback protection | 7.5 | - | 2021-02-16 |
| CVE-2021-23840 | Integer overflow in CipherUpdate | 7.5 | - | 2021-02-16 |
| CVE-2020-1971 | EDIPARTYNAME NULL pointer dereference | 5.9 | - | 2020-12-08 |
| CVE-2020-1968 | Raccoon attack | 5.9 | - | 2020-09-09 |
| CVE-2020-1967 | Segmentation fault in SSL_check_chain | 7.5 | - | 2020-04-21 |
| CVE-2019-1551 | rsaz_512_sqr overflow bug on x86_64 | 9.1 | - | 2019-12-06 |
| CVE-2019-1547 | ECDSA remote timing attack | 5.9 | - | 2019-09-10 |
| CVE-2019-1549 | Fork Protection | 4.0 | - | 2019-09-10 |
| CVE-2019-1563 | Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey | 3.7 | - | 2019-09-10 |
| CVE-2019-1552 | Windows builds with insecure path defaults | 5.5 | - | 2019-07-30 |
| CVE-2019-1543 | ChaCha20-Poly1305 with long nonces | 7.4 | - | 2019-03-06 |
| CVE-2019-1559 | 0-byte record padding oracle | 3.7 | - | 2019-02-27 |
| CVE-2018-0734 | Timing attack against DSA | 5.9 | - | 2018-10-30 |
| CVE-2018-0735 | Timing attack against ECDSA signature generation | 7.5 | - | 2018-10-29 |
| CVE-2016-7056 | OpenSSL cryptographic issue vulnerability CWE-385 | 5.5 | - | 2018-09-10 |
| CVE-2018-0732 | Client DoS due to large DH parameter | 7.5 | - | 2018-06-12 |
| CVE-2018-0737 | Cache timing vulnerability in RSA Key Generation | 5.9 | - | 2018-04-16 |
| CVE-2018-0733 | Incorrect CRYPTO_memcmp on HP-UX PA-RISC | 5.9 | - | 2018-03-27 |
| CVE-2018-0739 | Constructed ASN.1 types with a recursive definition could exceed the stack | 7.5 | - | 2018-03-27 |
| CVE-2017-3737 | OpenSSL buffer error vulnerability | 5.9 | - | 2017-12-07 |
| CVE-2017-3738 | OpenSSL information disclosure vulnerability | 5.9 | - | 2017-12-07 |
| CVE-2016-8610 | OpenSSL resource management error vulnerability CWE-400 | 7.5 | - | 2017-11-13 |
| CVE-2017-3736 | OpenSSL information disclosure vulnerability | 6.5 | - | 2017-11-02 |
| CVE-2017-3735 | OpenSSL buffer error vulnerability | 5.3 | - | 2017-08-28 |
| CVE-2016-7053 | CMS Null dereference | 7.5 | - | 2017-05-04 |
| CVE-2016-7054 | ChaCha20/Poly1305 heap-buffer-overflow | 7.5 | - | 2017-05-04 |
| CVE-2017-3730 | Bad (EC)DHE parameters cause a client crash | 7.5 | - | 2017-05-04 |
| CVE-2017-3731 | Truncated packet could crash via OOB read | 5.9 | - | 2017-05-04 |

All 122 known CVE vulnerabilities affecting OpenSSL with full Chinese analysis, references, and POCs where available.