Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

OpenSSL — Vulnerabilities & Security Advisories 99

Browse all 99 CVE security advisories affecting OpenSSL. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products OpenSSL:OpenSSLOpenSSL extension of Ruby (Git trunk)
CVE IDTitleCVSSSeverityPaused
CVE-2022-2068 The c_rehash script allows command injection — OpenSSL 9.8 -2022-06-21
CVE-2022-1473 Resource leakage when decoding certificates and keys — OpenSSL 7.5 -2022-05-03
CVE-2022-1434 Incorrect MAC key used in the RC4-MD5 ciphersuite — OpenSSL 5.9 -2022-05-03
CVE-2022-1343 OCSP_basic_verify may incorrectly verify the response signing certificate — OpenSSL 9.1 -2022-05-03
CVE-2022-1292 The c_rehash script allows command injection — OpenSSL 9.8 -2022-05-03
CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates — OpenSSL 7.5 -2022-03-15
CVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS — OpenSSL 5.9 -2022-01-28
CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl — OpenSSL 7.5 -2021-12-14
CVE-2021-3712 Read buffer overruns processing ASN.1 strings — OpenSSL 7.4 -2021-08-24
CVE-2021-3711 SM2 Decryption Buffer Overflow — OpenSSL 9.8 -2021-08-24
CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT — OpenSSL 9.1 -2021-03-25
CVE-2021-3449 NULL pointer deref in signature_algorithms processing — OpenSSL 5.9 -2021-03-25
CVE-2021-23841 Null pointer deref in X509_issuer_and_serial_hash() — OpenSSL 5.9 -2021-02-16
CVE-2021-23840 Integer overflow in CipherUpdate — OpenSSL 7.5 -2021-02-16
CVE-2021-23839 Incorrect SSLv2 rollback protection — OpenSSL 7.5 -2021-02-16
CVE-2020-1971 EDIPARTYNAME NULL pointer dereference — OpenSSL 5.9 -2020-12-08
CVE-2020-1968 Raccoon attack — OpenSSL 5.9 -2020-09-09
CVE-2020-1967 Segmentation fault in SSL_check_chain — OpenSSL 7.5 -2020-04-21
CVE-2019-1551 rsaz_512_sqr overflow bug on x86_64 — OpenSSL 9.1 -2019-12-06
CVE-2011-4121 Ruby OpenSSL extension 加密问题漏洞 — OpenSSL extension of Ruby (Git trunk) 8.1 -2019-11-26
CVE-2019-1549 Fork Protection — OpenSSL 4.0 -2019-09-10
CVE-2019-1547 ECDSA remote timing attack — OpenSSL 5.9 -2019-09-10
CVE-2019-1563 Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey — OpenSSL 3.7 -2019-09-10
CVE-2019-1552 Windows builds with insecure path defaults — OpenSSL 5.5 -2019-07-30
CVE-2019-1543 ChaCha20-Poly1305 with long nonces — OpenSSL 7.4 -2019-03-06
CVE-2019-1559 0-byte record padding oracle — OpenSSL 3.7 -2019-02-27
CVE-2018-0734 Timing attack against DSA — OpenSSL 5.9 -2018-10-30
CVE-2018-0735 Timing attack against ECDSA signature generation — OpenSSL 7.5 -2018-10-29
CVE-2018-0732 Client DoS due to large DH parameter — OpenSSL 7.5 -2018-06-12
CVE-2018-0737 Cache timing vulnerability in RSA Key Generation — OpenSSL 5.9 -2018-04-16

This page lists every published CVE security advisory associated with OpenSSL. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.