openssl security advisories
3 threat alerts tracking vulnerabilities and security advisories that affect openssl products.
Vulnios monitors openssl CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent openssl security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2016-6309 — openssl — openssl
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrar
criticalCVE-2016-6309Critical Vulnerability: CVE-2016-2842 — openssl — openssl
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to caus
criticalCVE-2016-2842Critical Vulnerability: CVE-2003-0545 — openssl — openssl
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 e
criticalCVE-2003-0545
Track openssl exposure across your environment
Vulnios automatically cross-references your asset inventory against new openssl CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan