Exposición de OpenSSL
Web server extensions169
score de exposición
71.969
sitios usan
0
en explotación
8
críticos
CVEs
152 resultadosCVE-2017-16064—node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.2%CVE-2017-16065—openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.2%CVE-2024-4603MEDIUMExcessive time spent checking DSA keys and parametersEPSS 1.1%CVE-2022-1343MEDIUMOCSP_basic_verify may incorrectly verify the response signing certificateEPSS 1.1%CVE-2026-31790HIGHIncorrect Failure Handling in RSA KEM RSASVE EncapsulationEPSS 1.0%CVE-2022-1434—Incorrect MAC key used in the RC4-MD5 ciphersuiteEPSS 1.0%CVE-2023-1255MEDIUMInput buffer over-read in AES-XTS implementation on 64 bit ARMEPSS 1.0%CVE-2026-28388HIGHNULL Pointer Dereference When Processing a Delta CRLEPSS 0.9%CVE-2023-4807HIGHPOLY1305 MAC implementation corrupts XMM registers on WindowsEPSS 0.9%CVE-2025-69421HIGHNULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex functionEPSS 0.8%CVE-2026-28389HIGHPossible NULL Dereference When Processing CMS KeyAgreeRecipientInfoEPSS 0.8%CVE-2026-28390HIGHPossible NULL Dereference When Processing CMS KeyTransportRecipientInfoEPSS 0.8%CVE-2025-69420HIGHMissing ASN1_TYPE validation in TS_RESP_verify_response() functionEPSS 0.8%CVE-2025-15468MEDIUMNULL dereference in SSL_CIPHER_find() function on unknown cipher IDEPSS 0.7%CVE-2026-42764HIGHNULL Pointer Dereference in QUIC Server Initial Packet HandlingEPSS 0.7%CVE-2019-1552—Windows builds with insecure path defaultsEPSS 0.7%CVE-2026-8507CRITICALCrypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds (OOB) write flawsEPSS 0.6%CVE-2026-28387HIGHPotential Use-after-free in DANE Client CodeEPSS 0.6%CVE-2025-24898MEDIUMrust openssl ssl::select_next_proto use after freeEPSS 0.6%CVE-2022-43507HIGHImproper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable EPSS 0.6%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →