Security · Lifecycle Status

Security & Cryptography End of Life Dates

Security library end-of-life is the highest-severity EOL category. When a cryptography library or security component loses support, every system that depends on it for encryption, authentication, or secure communication becomes vulnerable to attacks against the cryptographic layer itself.

Live data from endoflife.date · Updated continuously · How we source data →

5
Total Products
End of Life
Warning
Active
openssl
OpenSSL
Loading...
openvpn
OpenVPN
Loading...
clamav
ClamAV
Loading...
keycloak
Keycloak
Loading...
log4j
Apache Log4j
Loading...

Why Security Library EOL Is Critical

OpenSSL, OpenSSH, and similar security libraries sit beneath almost every secure network connection, encrypted data store, and authenticated system call in modern infrastructure. A vulnerability in an EOL version of OpenSSL is not a vulnerability in an application — it is a vulnerability in the cryptographic foundation that the application trusts.

OpenSSL 1.1.1 reached end of life in September 2023. It remains one of the most widely deployed OpenSSL versions globally, particularly in systems that have not been updated since before the EOL date. The Heartbleed vulnerability — disclosed in 2014 — affected OpenSSL and took years to fully remediate across the ecosystem. An EOL OpenSSL version is permanently exposed to any equivalent future disclosure.

Security library upgrades should be treated as the highest priority in any EOL remediation program. The blast radius of a compromised cryptographic layer extends to every system and data asset it protects.

Related Categories