OpenSSL_jll

JLSEC-2026-277 (High 7.5): Issue summary: Applications using RSASVE key encapsulation to establish a secret encrypti…
JLSEC-2026-276: Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string…
JLSEC-2026-275 (High 7.5): No summary available
JLSEC-2026-274 (High 7.5): Issue summary: During processing of a crafted CMS EnvelopedData message with...
JLSEC-2026-273 (High 7.5): No summary available
JLSEC-2026-272: No summary available
JLSEC-2026-271 (High 7.5): Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key…
JLSEC-2026-270 (Medium 5.3): Issue summary: A type confusion vulnerability exists in the signature verification of sig…
JLSEC-2026-269 (Medium 5.5): Issue summary: An invalid or NULL pointer dereference can happen in an application proces…
JLSEC-2026-265 (High 7.5): Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference…
JLSEC-2026-264 (High 7.5): Issue summary: A type confusion vulnerability exists in the TimeStamp Response verificati…
JLSEC-2026-263 (High 7.4): Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#1…
JLSEC-2026-262 (Medium 4.0): Issue summary: When using the low-level OCB API directly with AES-NI or other hardware…
JLSEC-2026-261 (Medium 4.7): Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering…
JLSEC-2026-260 (Medium 5.9): Issue summary: A TLS 1.3 connection using certificate compression can be forced to alloca…
JLSEC-2026-258 (Medium 5.5): Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB…
JLSEC-2026-257 (Medium 5.9): Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol …
JLSEC-2026-256 (High 8.8): Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parame…
JLSEC-2026-255 (Medium 6.1): Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigge…
JLSEC-2026-268 (Medium 5.9): Issue summary: An application using the OpenSSL HTTP client API functions may trigger an …
JLSEC-2026-267 (Medium 6.5): Issue summary: A timing side-channel which could potentially allow remote recovery of the…
JLSEC-2026-266 (High 7.5): No summary available
JLSEC-2026-259 (Medium 6.5): Issue summary: Use of -addreject option with the openssl x509 application adds a trusted …
JLSEC-2026-248 (Medium 4.1): Issue summary: A timing side-channel which could potentially allow recovering the private…
JLSEC-2026-251 (High 7.5): Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be a…
JLSEC-2026-254 (Medium 4.3): Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit v…
JLSEC-2026-253 (High 7.5): Issue summary: Applications performing certificate name checks (e.g., TLS clients checkin…
JLSEC-2026-252 (Critical 9.1): Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty suppo…
JLSEC-2026-250 (Medium 5.3): Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact …
JLSEC-2026-246 (Medium 5.9): Issue summary: Checking excessively long invalid RSA public keys may take a long time. Im…
JLSEC-2026-249 (Medium 5.9): Issue summary: Some non-default TLS server configurations can cause unbounded memory grow…
JLSEC-2026-247 (Medium 5.5): Null pointer dereference in PKCS12 parsing
JLSEC-2026-245 (Medium 6.5): Issue summary: The POLY1305 MAC (message authentication code) implementation contains a b…
JLSEC-2026-244 (Medium 5.3): Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.…
JLSEC-2026-243 (High 7.5): Issue summary: A bug has been identified in the processing of key and initialisation vect…
JLSEC-2026-242 (High 7.8): Issue summary: The POLY1305 MAC (message authentication code) implementation contains a b…
JLSEC-2026-241 (Medium 5.3): Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact s…
JLSEC-2026-240 (Medium 5.3): Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore …
JLSEC-2026-239 (Medium 6.5): Issue summary: Processing some specially crafted ASN.1 object identifiers or data contain…
JLSEC-2026-238 (Medium 5.9): Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform conta…
JLSEC-2026-237 (Medium 5.3): The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certi…
JLSEC-2026-236 (Medium 5.3): Applications that use a non-default option when verifying certificates may be vulnerable …
JLSEC-2026-235 (High 7.5): A security vulnerability has been identified in all supported versions of OpenSSL related…
JLSEC-2026-234 (High 7.4): Vulnerable OpenSSL included in cryptography wheels
JLSEC-2026-233 (High 7.5): openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`
JLSEC-2026-232 (High 7.5): openssl-src contains Double free after calling `PEM_read_bio_ex`
JLSEC-2026-231 (Medium 5.9): openssl-src subject to Timing Oracle in RSA Decryption
JLSEC-2026-230: AES OCB fails to encrypt some bytes
JLSEC-2026-229 (Critical 9.8): In addition to the c_rehash shell command injection identified in CVE-2022-1292, further.…
JLSEC-2026-228 (Critical 9.8): The c_rehash script does not properly sanitise shell metacharacters to prevent command in…
JLSEC-2026-227: openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
JLSEC-2026-226: There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC alg…
JLSEC-2026-225 (High 7.4): Read buffer overruns processing ASN.1 strings
JLSEC-2026-224: SM2 Decryption Buffer Overflow
JLSEC-2026-223: openssl-src NULL pointer Dereference in signature_algorithms processing
JLSEC-2026-222: Integer Overflow in openssl-src
JLSEC-2026-221 (High 7.5): Integer Overflow in openssl-src
JLSEC-2026-220: The X.509 GeneralName type is a generic type for representing different types of names. O…
JLSEC-2026-219: Null pointer deference in openssl-src
JLSEC-2026-216: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiati…
JLSEC-2026-218: In situations where an attacker receives automated notification of the success or failure…
JLSEC-2026-215: OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to …
JLSEC-2026-214: Normally in OpenSSL EC groups always have a co-factor present and this is used in side ch…
JLSEC-2026-217: OpenSSL has internal defaults for a directory tree where it can find a configuration file…