Lucene search
+L

105 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Siemens S7-1500 and SCALANCE Out-of-bounds Read (CVE-2025-9232)

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out- of-bounds read can trigger a crash...

5.9CVSS6.8AI score0.02093EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: An application that uses the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the ‘noproxy’ environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can cause a crash,...

5.9CVSS6.8AI score0.02093EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.10 views

openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2025:20164-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20164-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm...

7.5CVSS7AI score0.02234EPSS
Exploits0References9
OSV
OSV
added 2025/12/15 6:22 p.m.2 views

SUSE-SU-2025:21224-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...

7.5CVSS5.8AI score0.02234EPSS
Exploits0References7
OSV
OSV
added 2025/12/15 6:22 p.m.6 views

SUSE-SU-2025:21213-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...

7.5CVSS6.7AI score0.02234EPSS
Exploits0References7
OSV
OSV
added 2025/12/15 6:16 p.m.3 views

OPENSUSE-SU-2025:20164-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...

7.5CVSS6.8AI score0.02234EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 3:6 p.m.8 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2025-9230 , CVE-2025-9232 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based...

7.5CVSS7.4AI score0.02093EPSS
Exploits0Affected Software1
Mageia
Mageia
added 2025/10/20 7:51 p.m.13 views

Updated quictls packages with two security issues and bug fixes

Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230 Fix Out-of-bounds read in HTTP client noproxy handling. CVE-2025-9232...

7.5CVSS7.2AI score0.02093EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/02 8:5 a.m.5 views

Out-of-bounds read in HTTP client no_proxy handling

...

5.9CVSS7AI score0.02093EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/10/01 11:25 p.m.6 views

SUSE CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

6.5CVSS7AI score0.02093EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2025/10/01 12:0 a.m.5 views

OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Windows

OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5.9CVSS6.8AI score0.02093EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/10/01 12:0 a.m.5 views

OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Linux

OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5.9CVSS6.8AI score0.02093EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/30 11:59 p.m.10 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a missing NULL byte termination after strncpy call. An attacker can cause a crash and disrupt application availability by triggering an out-of-bounds read if API functions of OpenSSL HTTP client are used while...

6.5CVSS6.4AI score0.02093EPSS
Exploits0References2
OSV
OSV
added 2025/09/30 2:15 p.m.8 views

AZL-67977 CVE-2025-9232 affecting package openssl for versions less than 3.3.5-1

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS6.6AI score0.02093EPSS
Exploits0References1
OSV
OSV
added 2025/09/30 2:15 p.m.8 views

AZL-78588 CVE-2025-9232 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS6.6AI score0.02093EPSS
Exploits0References1
NVD
NVD
added 2025/09/30 2:15 p.m.6 views

CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS0.02093EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/09/30 1:17 p.m.3 views

CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

6.7AI score0.02093EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/30 1:17 p.m.23 views

CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

0.02093EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/09/30 1:17 p.m.9 views

CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS7AI score0.02093EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/09/30 1:17 p.m.6 views

CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS7AI score0.02093EPSS
Exploits0
Rows per page
Query Builder