OpenSSL: 1.0.0t → 1.0.2zp
OpenSSL · upgrade impact · Official site ↗
Fixed by upgrading to 1.0.2zp iVulnerabilities that affect 1.0.0t but no longer affect 1.0.2zp — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2015-4000 LOW EPSS 92% ✓ cleared in 1.0.2zp CVE-2016-2107 MEDIUM EPSS 80% ✓ cleared in 1.0.2zp CVE-2016-2106 HIGH EPSS 67% ✓ cleared in 1.0.2zp CVE-2016-2109 HIGH EPSS 58% ✓ cleared in 1.0.2zp CVE-2013-6449 MEDIUM EPSS 47% ✓ cleared in 1.0.2zp CVE-2016-2108 CRITICAL EPSS 37% ✓ cleared in 1.0.2zp CVE-2021-4044 HIGH EPSS 33% ✓ cleared in 1.0.2zp CVE-2014-0198 MEDIUM EPSS 33% ✓ cleared in 1.0.2zp CVE-2010-5298 MEDIUM EPSS 19% ✓ cleared in 1.0.2zp CVE-2016-2176 HIGH EPSS 7% ✓ cleared in 1.0.2zp CVE-2016-7056 MEDIUM EPSS 0% ✓ cleared in 1.0.2zp