| LibreSSL | Number Of NVD | 12 | CRITICAL | 3 | HIGH | 5 | MEDIUM | 4 | LOW | 0 |
| URL | https://www.libressl.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | An open source TLS/SSL protocol developed by OpenBSD developers to remedy potential problems with OpenSSL in response to the OpenSSL heartbleed vulnerability. It migrates to a new stable branch every 6 months according to OpenBSD's development schedule. A stable branch is updated for one year after the corresponding OpenBSD branch release is tagged. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://www.libressl.org/releases.html | ||
| 2 | https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 | LibreSSL 3 | 3.9.2 | May 12, 2024 | April 1, 2019 | 2 | 2 | 2 | 0 | |||
| 12 | LibreSSL 2.9 | 2.9.2 | May 15, 2019 | Dec. 15, 2018 | 2 | 2 | 2 | 0 | |||
| 13 | LibreSSL 2.8 | 2.8.3 | Dec. 15, 2018 | Aug. 3, 2018 | 2 | 0 | 2 | 0 | |||
| 14 | LibreSSL 2.7 | 2.7.5 | Dec. 15, 2018 | March 21, 2018 | 2 | 1 | 3 | 0 | |||
| 15 | LibreSSL 2.6 | 2.6.5 | June 13, 2018 | July 9, 2017 | 2 | 0 | 3 | 0 | |||
| 16 | LibreSSL 2.5 | 2.5.5 | July 9, 2017 | Sept. 27, 2016 | 2 | 0 | 4 | 0 | |||
| 17 | LibreSSL 2.4 | 2.4.5 | Jan. 31, 2017 | May 30, 2016 | 2 | 0 | 3 | 0 | |||
| 18 | LibreSSL 2.3 | 2.3.9 | Nov. 6, 2016 | Sept. 23, 2015 | 3 | 1 | 3 | 0 | |||
| 19 | LibreSSL 2.2 | 2.2.9 | June 7, 2016 | June 11, 2015 | 3 | 1 | 3 | 0 | |||
| 20 | LibreSSL 2.1 | 2.1.10 | Jan. 28, 2016 | Dec. 12, 2014 | 3 | 2 | 3 | 0 | |||
| 21 | LibreSSL 2.0 | 2.0.6 | 3 | 2 | 3 | 0 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 |
5.3 2.6 |
MEDIUM
Network |
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callbac… |
CWE-295
Improper Certificate Validation |
CVE-2017-8301 |
cpe:2.3:a:openbsd:libressl:2.5.3:* cpe:2.3:a:openbsd:libressl:2.5.2:* cpe:2.3:a:openbsd:libressl:2.5.1:* |
2024-11-21 12:33 2017-04-28 |
Show | GitHub Exploit DB Packet Storm | ||||
| 12 |
- 7.5 |
HIGH | Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified ot… |
NVD-CWE-Other
|
CVE-2014-9424 | cpe:2.3:a:openbsd:libressl:*:* | 2.1.1 |
2024-11-21 11:20 2014-12-29 |
Show | GitHub Exploit DB Packet Storm |