23289 matches found

Vulnrichment
added 2025/09/30 1:17 p.m. | 2 views

CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

6.7 AI score | 0.02016 EPSS
Exploits: 0 | References: 6

CVE
added 2025/09/30 1:17 p.m. | 39 views

CVE-2025-9232

CVE-2025-9232 involves OpenSSL HTTP client API functions; the vulnerability is an out-of-bounds read when the environment variable no_proxy is set and the URL’s authority host is IPv6, causing potential Denial of Service via a crash. The issue is rooted in HTTP client handling introduced in patch...

5.9 CVSS | 6.7 AI score | 0.02016 EPSS
Exploits: 0 | References: 12

Tenable Nessus
added 2025/09/30 12:00 a.m. | 4 views

OpenSSL 3.0.0 < 3.0.18 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.18 advisory. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy'...

7.5 CVSS | 6.7 AI score | 0.02016 EPSS
Exploits: 0 | References: 8

Tenable Nessus
added 2025/09/30 12:00 a.m. | 6 views

OpenSSL 3.3.0 < 3.3.5 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.3.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.5 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...

7.5 CVSS | 6.7 AI score | 0.02234 EPSS
Exploits: 0 | References: 11

Positive Technologies
added 2025/09/30 12:00 a.m. | 10 views

PT-2025-39988

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 3.0.16 through 3.5.0; EDK II (affected versions not specified). Description: An issue has been identified in OpenSSL where an application using the HTTP client API functions may trigger an out-of-bounds read if the no proxy...

9.1 CVSS | 7.1 AI score | 0.76451 EPSS
Exploits: 3 | References: 81

CNNVD
added 2025/09/30 12:00 a.m. | 1 view

OpenSSL Security Vulnerability

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

5.9 CVSS | 7.3 AI score | 0.02016 EPSS
Exploits: 0 | References: 8

UbuntuCve
added 2025/09/30 12:00 a.m. | 3 views

CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9 CVSS | 6.7 AI score | 0.02016 EPSS
Exploits: 0 | References: 3

Packet Storm News
added 2025/09/30 12:00 a.m. | 3 views

OpenSSL Toolkit 3.3.5

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release...

7.5 CVSS | 6.9 AI score | 0.02234 EPSS
Exploits: 0

Packet Storm News
added 2025/09/30 12:00 a.m. | 2 views

OpenSSL Toolkit 3.2.6

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.2 release...

7.5 CVSS | 6.9 AI score | 0.02234 EPSS
Exploits: 0

Packet Storm News
added 2025/09/30 12:00 a.m. | 2 views

OpenSSL Toolkit 3.0.18

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...

7.5 CVSS | 6.9 AI score | 0.02016 EPSS
Exploits: 0

Packet Storm News
added 2025/09/30 12:00 a.m. | 3 views

OpenSSL Security Advisory 20250930

OpenSSL Security Advisory 20250930 - An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the "no_proxy" environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address...

7.5 CVSS | 6.9 AI score | 0.02234 EPSS
Exploits: 0

Packet Storm News
added 2025/09/30 12:00 a.m. | 5 views

OpenSSL Toolkit 3.5.4

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 LTS release...

7.5 CVSS | 6.9 AI score | 0.02234 EPSS
Exploits: 0

CNNVD
added 2025/09/30 12:00 a.m. | 1 view

OpenSSL Security Vulnerability

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a wide range of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

6.5 CVSS | 7.5 AI score | 0.02234 EPSS
Exploits: 0 | References: 6

FreeBSD
added 2025/09/30 12:00 a.m. | 16 views

OpenSSL -- multiple vulnerabilities

The OpenSSL project reports: Out-of-bounds read & write in RFC 3211 KEK Unwrap; Timing side-channel in SM2 algorithm on 64-bit ARM; Fix Out-of-bounds read in HTTP client no_proxy handling...

7.5 CVSS | 7 AI score | 0.02234 EPSS
Exploits: 0 | References: 1

CNNVD
added 2025/09/30 12:00 a.m. | 3 views

OpenSSL Security Vulnerability

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a wide range of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

7.5 CVSS | 7.7 AI score | 0.01744 EPSS
Exploits: 0 | References: 10

Tenable Nessus
added 2025/09/30 12:00 a.m. | 5 views

OpenSSL 3.4.0 < 3.4.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.3 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...

7.5 CVSS | 6.7 AI score | 0.02234 EPSS
Exploits: 0 | References: 11

Tenable Nessus
added 2025/09/30 12:00 a.m. | 11 views

NewStart CGSL MAIN 6.06 : openssl Multiple Vulnerabilities (NS-SA-2025-0211)

The remote NewStart CGSL host, running version MAIN 6.06, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell...

10 CVSS | 8.5 AI score | 0.99999 EPSS
Exploits: 161 | References: 83

Tenable Nessus
added 2025/09/30 12:00 a.m. | 16 views

OpenSSL 1.1.1 < 1.1.1zd Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1zd. It is, therefore, affected by a vulnerability as referenced in the 1.1.1zd advisory. - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read...

7.5 CVSS | 6.5 AI score | 0.01744 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2025/09/30 12:00 a.m. | 6 views

OpenSSL 3.5.0 < 3.5.4 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.5.4 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...

7.5 CVSS | 6.8 AI score | 0.02234 EPSS
Exploits: 0 | References: 11

FreeBSD Advisory
added 2025/09/30 12:00 a.m. | 7 views

FreeBSD-SA-25:08.openssl

FreeBSD-SA-25:08.openssl Security Advisory, The FreeBSD Project
Topic: Multiple vulnerabilities in OpenSSL
Category: contrib
Module: openssl
Announced: 2025-09-30
Credits:...

7.5 CVSS | 6.8 AI score | 0.02234 EPSS
Exploits: 0