Openssl
by Openssl
Take action — actively targeted
Openssl is actively targeted by attackers. A significant proportion of its known vulnerabilities are being exploited.
What to do
- Apply all available updates immediately
- Review your exposure — is this internet-facing?
- Monitor vendor advisories for this product
What Attackers Target
Vulnerabilities with high exploit probability
39.8%
Confirmed actively exploited (CISA)
0.8%
Public exploit code available
2.3%
Based on 133 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2014-0160 | 7.5 | 94.5% | Yes |
| CVE-2014-3566 | 3.4 | 94.0% | — |
| CVE-2015-4000 | 3.7 | 93.9% | — |
| CVE-2014-0224 | 7.4 | 93.0% | — |
| CVE-2023-2650 | 6.5 | 92.0% | — |
| CVE-2016-0800 | 5.9 | 90.3% | — |
| CVE-2023-0286 | 7.4 | 89.0% | — |
| CVE-2022-3602 | 7.5 | 83.2% | — |
| CVE-2016-2107 | 5.9 | 80.0% | — |
| CVE-2018-0732 | 7.5 | 78.4% | — |
| CVE-2015-1793 | 6.5 | 76.4% | — |
| CVE-2003-0545 | 9.8 | 74.6% | — |
| CVE-2016-8610 | 7.5 | 71.1% | — |
| CVE-2016-2106 | 7.5 | 67.3% | — |
| CVE-2020-1967 | 7.5 | 67.3% | — |
| CVE-2016-2109 | 7.5 | 57.9% | — |
| CVE-2016-2842 | 9.8 | 54.0% | — |
| CVE-2017-3730 | 7.5 | 52.9% | — |
| CVE-2015-3194 | 7.5 | 51.9% | — |
| CVE-2016-2105 | 7.5 | 45.1% | — |
51
/ 100
high-risk
Active Threat
50/50 · Critical
Exploit Availability
1/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.