Lucene search
+L

15 matches found

osv
osv
added 2026/04/27 6:33 p.m.12 views

JLSEC-2026-258 Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when...

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.3AI score0.00176EPSS
Exploits1References5
f5
f5
added 2026/02/11 3:28 p.m.13 views

K000159974: OpenSSL vulnerability CVE-2025-15469

Security Advisory Description Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such ...

5.5CVSS5.5AI score0.00176EPSS
Exploits1
susecve
susecve
added 2026/01/30 12:42 a.m.7 views

SUSE CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

6.2CVSS5.8AI score0.00176EPSS
Exploits1References8
snyk
snyk
added 2026/01/27 4:49 p.m.5 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the openssl dgst command-line tool, which silently truncates input data to 16MB when using one-shot signing algorithms. Signatures for payloads larger than 16MB may appear to be valid...

6.3CVSS5.9AI score0.00176EPSS
Exploits1References2
nvd
nvd
added 2026/01/27 4:16 p.m.11 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS0.00176EPSS
Exploits1References3
osv
osv
added 2026/01/27 4:16 p.m.10 views

ALPINE-CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.8AI score0.00176EPSS
Exploits1References1
cvelist
cvelist
added 2026/01/27 4:1 p.m.40 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

0.00176EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2026/01/27 4:1 p.m.4 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/01/27 4:1 p.m.7 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References4Affected Software1
alpinelinux
alpinelinux
added 2026/01/27 4:1 p.m.7 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.8AI score0.00176EPSS
Exploits1
cve
cve
added 2026/01/27 4:1 p.m.65 views

CVE-2025-15469

CVE-2025-15469 affects the OpenSSL openssl dgst CLI: one-shot signing algorithms (Ed25519, Ed448, ML-DSA variants) can silently truncate input to 16 MB and report success. Impact: in workflows that sign and verify with the dgst path, trailing data beyond 16 MB may remain unauthenticated. The issu...

5.5CVSS5.8AI score0.00176EPSS
Exploits1References3Affected Software1
osv
osv
added 2026/01/27 4:1 p.m.10 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS6.7AI score0.00176EPSS
Exploits1References5
euvd
euvd
added 2026/01/27 4:1 p.m.11 views

EUVD-2025-206399

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References3
osv
osv
added 2026/01/27 12:0 a.m.7 views

UBUNTU-CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS7.1AI score0.00176EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/01/01 12:0 a.m.11 views

PT-2026-4943

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.5 and 3.6 Description The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. This can lead a user to believe an entire file ...

9.8CVSS5.9AI score0.47621EPSS
Exploits7References66
Rows per page
Query Builder