OpenSSL
Security Scorecard
Score
25F
Total CVEs
65
Patch Rate
0%
0 patched
Avg Response
-
days to patch
Critical Gaps
3
exploitable, no detection
Severity Breakdown
Critical0
High1
Medium1
Low0
Patch Status
Patched0 (0%)
Partial/Workaround0 (0%)
Unpatched65 (100%)
CVEs (65)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9230 | FIPS Module Out-of-Bounds Read | HIGH | 7.5 | 78d | Unpatched |
| CVE-2025-9232 | OpenSSL HTTP Client API Out-of-Bounds Read Vulnerability | MEDIUM | 5.9 | 78d | Unpatched |
| CVE-2017-3994 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4111 | CVE-2017-4111 - Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4204 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4222 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4454 | CVE-2017-4454 - "Uninitialized Pointer" Vulnerability in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4602 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4663 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |
| CVE-2017-4690 | Uninitialized Pointer Dereference in OpenSSL | N/A | - | 2837d | Unpatched |