Vulnerabilities > Openssl > Openssl > 3.0.5

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-3996 Improper Locking vulnerability in Openssl
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively.
network
low complexity
openssl CWE-667
7.5
7.5
2022-11-01 CVE-2022-3602 Out-of-bounds Write vulnerability in multiple products
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.
network
low complexity
openssl fedoraproject netapp nodejs CWE-787
7.5
7.5
2022-11-01 CVE-2022-3786 Classic Buffer Overflow vulnerability in multiple products
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.
network
low complexity
openssl fedoraproject nodejs CWE-120
7.5
7.5
2022-10-11 CVE-2022-3358 NULL Pointer Dereference vulnerability in Openssl
OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls.
network
low complexity
openssl CWE-476
7.5
7.5