Vulnerabilities in OpenSSL
117 resultsCVE-2022-1473HIGHResource leakage when decoding certificates and keysEPSS 2.3%CVE-2025-9232MEDIUMOut-of-bounds read in HTTP client no_proxy handlingEPSS 2.0%CVE-2022-2097—AES OCB fails to encrypt some bytesEPSS 2.0%CVE-2023-0216HIGHInvalid pointer dereference in d2i_PKCS7 functionsEPSS 1.9%CVE-2023-0401HIGHNULL dereference during PKCS7 data verificationEPSS 1.9%CVE-2023-0217HIGHNULL dereference validating DSA public keyEPSS 1.9%CVE-2025-9230HIGHOut-of-bounds read & write in RFC 3211 KEK UnwrapEPSS 1.8%CVE-2023-0466MEDIUMCertificate policy check not enabledEPSS 1.6%CVE-2023-0465MEDIUMInvalid certificate policies in leaf certificates are silently ignoredEPSS 1.6%CVE-2022-4203MEDIUMX.509 Name Constraints Read Buffer OverflowEPSS 1.5%CVE-2022-3996HIGHX.509 Policy Constraints Double LockingEPSS 1.2%CVE-2019-1547—ECDSA remote timing attackEPSS 1.2%CVE-2024-4603MEDIUMExcessive time spent checking DSA keys and parametersEPSS 1.1%CVE-2022-1343MEDIUMOCSP_basic_verify may incorrectly verify the response signing certificateEPSS 1.1%CVE-2026-31790HIGHIncorrect Failure Handling in RSA KEM RSASVE EncapsulationEPSS 1.0%CVE-2022-1434—Incorrect MAC key used in the RC4-MD5 ciphersuiteEPSS 1.0%CVE-2023-1255MEDIUMInput buffer over-read in AES-XTS implementation on 64 bit ARMEPSS 1.0%CVE-2026-28388HIGHNULL Pointer Dereference When Processing a Delta CRLEPSS 0.9%CVE-2023-4807HIGHPOLY1305 MAC implementation corrupts XMM registers on WindowsEPSS 0.9%CVE-2025-69421HIGHNULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex functionEPSS 0.8%