Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

SSL/TLS Library

OpenSSL

OpenSSL is a robust commercial-grade and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.

Official Site:

https://www.openssl.org/

Severity Summary:

Critical: 17 High: 68 Medium: 146 Low: 14
Reference
Title
Severity
CVE-2016-6309
OpenSSL Use After Free Vulnerability
Critical
CVE-2021-3711
OpenSSL Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability
Critical
CVE-2016-6303
OpenSSL Out-of-bounds Write Vulnerability
Critical
CVE-2007-4995
OpenSSL Numeric Errors Vulnerability
Critical
CVE-2016-2182
OpenSSL Out-of-bounds Write Vulnerability
Critical
CVE-2022-2274
OpenSSL Out-of-bounds Write Vulnerability
Critical
CVE-2003-0545
OpenSSL Double Free Vulnerability
Critical
CVE-2011-4109
OpenSSL Resource Management Errors Vulnerability
Critical
CVE-2022-2068
OpenSSL Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2016-0705
OpenSSL Other Vulnerability
Critical
CVE-2006-3738
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2022-1292
OpenSSL Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2016-2177
OpenSSL Integer Overflow or Wraparound Vulnerability
Critical
CVE-2016-0799
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2016-2842
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2016-2108
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2009-3245
OpenSSL Improper Input Validation Vulnerability
Critical
CVE-2015-3194
OpenSSL Other Vulnerability
High
CVE-2009-0653
OpenSSL Improper Authentication Vulnerability
High
CVE-2020-1967
OpenSSL NULL Pointer Dereference Vulnerability
High
CVE-2015-3193
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2021-23840
OpenSSL Integer Overflow or Wraparound Vulnerability
High
CVE-2012-2131
OpenSSL Numeric Errors Vulnerability
High
CVE-2005-2946
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability
High
CVE-2008-0166
OpenSSL Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability
High
CVE-2016-2105
OpenSSL Numeric Errors Vulnerability
High
CVE-2000-1254
OpenSSL Cryptographic Issues Vulnerability
High
CVE-2023-5363
OpenSSL Vulnerability
High
CVE-2022-3602
OpenSSL Out-of-bounds Write Vulnerability
High
CVE-2010-4252
OpenSSL Improper Authentication Vulnerability
High