OpenSSL 3.2.0 < 3.2.6 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.6 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...

AZL-61910 CVE-2025-4476 affecting package libsoup for versions less than 3.4.4-7

A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 Unauthorized HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed...