openssl security update
1:1.0.2k-26.0.1 - Fixes CVE-2025-9230 Fix incorrect check of unwrapped key size Orabug: 38916245...
K000159974: OpenSSL vulnerability CVE-2025-15469
Security Advisory Description Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such ...
CLSA-2026-1770821221 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
CLSA-2026-1770820398 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
Exploit for CVE-2024-7387
clone the repository containing the required files: shell gi...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.33 bug fix and security update
Red Hat OpenShift Container Platform release 4.18.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.14 bug fix and security update
Red Hat OpenShift Container Platform release 4.20.14 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...
CVE-2026-25892
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-005335)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005335 advisory. Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005350)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005350 advisory. Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-005342)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005342 advisory. Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005351)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005351 advisory. Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating...
Siemens SCALANCE and RUGGEDCOM Covert Timing Channel (CVE-2025-27587)
OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value nonce from the signatures. Next, based on the bit size of t...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: osbuild-composer (UTSA-2026-005317)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005317 advisory. A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled input...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-005327)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005327 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...
OpenSSL 3.x Malicious AES‑GCM ASN.1 Parameter Injection
This C code is a security research proof of concept targeting OpenSSL's CMS (Cryptographic Message Syntax) handling. It programmatically creates a syntactically valid CMS AuthEnvelopedData object using AES-256-GCM, then injects a custom-crafted ASN.1 AESGCMPARAMETERS sequence with an abnormally lar...
Siemens S7-1500 and SCALANCE Out-of-bounds Read (CVE-2025-9232)
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CLSA-2026-1770667352 openssl: Fix of 3 CVEs
CVE-2025-69418: fix OCB AES-NI/HW stream path leaving trailing bytes unauthenticated/unencrypted by advancing pointers after stream processing - CVE-2025-69420: fix missing ASN1_TYPE validation in TS_RESP_verify_response for signing certificate attributes - CVE-2025-15468: add a NULL guard before...
K000159924: OpenSSL vulnerability CVE-2025-15468
Security Advisory Description Issue summary: If an application using the SSL_CIPHER_find function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running...