When does OpenSSL reach end-of-life?

The latest supported OpenSSL release is 4.0.1. After end-of-life a release no longer receives security patches.

OpenSSL ↗

OpenSSL · Infrastructure

100/100 Healthy

Summary iPlain-English security verdict for OpenSSL, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

OpenSSL currently scores 100/100 — healthy. 1 actively-exploited vulnerability (CISA KEV) affects older releases (e.g. CVE-2014-0160) — staying on the latest supported version keeps you clear of it. The latest supported release is 4.0.1. It's on the latest patch with no significant known issues — keep it current.

Disclosure trend iNew CVEs published for OpenSSL each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19

'20

'21

'22

'23

'24

'25

'26

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2014-0160 HIGH ● exploited Out-of-bounds read EPSS 94% → fixed in 1.0.1g CVE-2014-3566 LOW CWE-310 EPSS 94% → see advisory CVE-2014-0195 MEDIUM Buffer overflow EPSS 93% → fixed in 1.0.1h CVE-2015-4000 LOW CWE-310 EPSS 92% → see advisory CVE-2015-0204 MEDIUM CWE-310 EPSS 92% → see advisory CVE-2023-2650 MEDIUM Resource exhaustion EPSS 92% → fixed in 3.1.1 CVE-2014-3470 MEDIUM CWE-476 EPSS 91% → fixed in 1.0.1h CVE-2016-0800 MEDIUM Information disclosure EPSS 90% → see advisory CVE-2014-0224 HIGH CWE-326 EPSS 90% → fixed in 1.0.1h CVE-2002-0656 HIGH EPSS 89% → see advisory CVE-2023-0286 HIGH CWE-843 EPSS 88% → fixed in 3.0.8 CVE-2022-3602 HIGH Out-of-bounds write EPSS 84% → fixed in 3.0.7

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each OpenSSL release line is supported — and when it sunsets.

4.0 latest 4.0.1 Supported until 2027-05-14

3.6 latest 3.6.3 Supported until 2026-11-01

3.5 latest 3.5.7 Supported until 2030-04-08

3.4 latest 3.4.6 Supported until 2026-10-22

3.3 latest 3.3.7 End of life ended 2026-04-09

3.2 latest 3.2.6 End of life ended 2025-11-23

3.1 latest 3.1.8 End of life ended 2025-03-14

3.0 latest 3.0.21 Supported until 2026-09-07

1.1.1 latest 1.1.1w End of life ended 2023-09-11

1.1.0 latest 1.1.0l End of life ended 2019-09-11

See all upcoming end-of-life dates →