Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2025-9230 , CVE-2025-9232 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based...

SUSE SLES15: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2025:4126-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4126-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Tenable has extracted the preceding...

RHSA-2025:21562 Red Hat Security Advisory: openssl security update

Bulletin has no description...

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

SUSE-SU-2025:4126-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232...

CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37

CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37. A patched version of the package is available...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

RHEL 9 : openssl (RHSA-2025:21562)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21562 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

RHSA-2025:21255 Red Hat Security Advisory: openssl security update

Bulletin has no description...

RHSA-2025:21248 Red Hat Security Advisory: openssl security update

Bulletin has no description...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libssh (UTSA-2025-990914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990914 advisory. A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsiste...

Mageia: Security Advisory (MGASA-2025-0287)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2025-0287 Updated perl-Crypt-OpenSSL-RSA packages fix security vulnerability

Perl-crypt-openssl-rsa: side-channel attack in pkcs1 v1.5 padding mode marvin attack. CVE-2024-2467...

Updated perl-Crypt-OpenSSL-RSA packages fix security vulnerability

Perl-crypt-openssl-rsa: side-channel attack in pkcs1 v1.5 padding mode marvin attack. CVE-2024-2467...

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RHSA-2025:21174 Red Hat Security Advisory: openssl security update

Bulletin has no description...

RHEL 10 : openssl (RHSA-2025:21248)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21248 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...