CVE-2026-22796 affecting package openssl for versions less than 3.3.5-3

CVE-2026-22796 affecting package openssl for versions less than 3.3.5-3. A patched version of the package is available...

CVE-2025-69419 affecting package openssl for versions less than 3.3.5-3

CVE-2025-69419 affecting package openssl for versions less than 3.3.5-3. A patched version of the package is available...

CVE-2026-22795 affecting package openssl for versions less than 3.3.5-3

CVE-2026-22795 affecting package openssl for versions less than 3.3.5-3. A patched version of the package is available...

K000159868: OpenSSL vulnerability CVE-2025-15467

Security Advisory Description Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsi...

RHSA-2026:1733 Red Hat Security Advisory: openssl security update

Bulletin has no description...

RHSA-2026:1720 Red Hat Security Advisory: openssl security update

Bulletin has no description...

Oracle Linux 10 : curl (ELSA-2026-1825)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1825 advisory. 8.12.1-2.el101.2 - openssl: respect system crypto policy for TLS max version RHEL-128923 8.12.1-2.el101.1 - cookie: don't treat the leading slash as trailing...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0360-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0360-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2026:0358-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0358-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyrespon...

Security update for openssl-3 (important)

openSUSE security update: security update for openssl-3 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20152-1 Rating: important References: bsc1256829 bsc1256830 bsc1256831 bsc1256832 bsc1256833 bsc1256834 bsc1256835 bsc1256836 bsc1256837 bsc12568...

Missing Validation of OpenSSL Certificate

Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate via the global disabling of SSL certificate verification in the Triton Python backend. An attacker in a...

Missing Validation of OpenSSL Certificate

Overview Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate due to the default configuration of DefaultConfig where TLS certificate verification is disabled for outgoing storage driver communications. An attacker can intercept, decrypt, and manipulate al...

Missing Validation of OpenSSL Certificate

Overview Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate due to the default configuration of DefaultConfig where TLS certificate verification is disabled for outgoing storage driver communications. An attacker can intercept, decrypt, and manipulate al...

Missing Validation of OpenSSL Certificate

Overview Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate due to the default configuration of DefaultConfig where TLS certificate verification is disabled for outgoing storage driver communications. An attacker can intercept, decrypt, and manipulate al...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-69421 affecting package openssl for versions less than 3.3.5-2

CVE-2025-69421 affecting package openssl for versions less than 3.3.5-2. A patched version of the package is available...

CVE-2025-15467 affecting package openssl for versions less than 3.3.5-2

CVE-2025-15467 affecting package openssl for versions less than 3.3.5-2. A patched version of the package is available...