Vulnerabilities > Openssl > Openssl > 1.0.2k
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-07 | CVE-2017-3737 | Out-of-bounds Read vulnerability in multiple products OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. | 4.3 |
| 2017-11-02 | CVE-2017-3736 | Information Exposure vulnerability in Openssl There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. | 4.0 |
| 2017-08-28 | CVE-2017-3735 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. | 5.3 |