Lucene search
K

15 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.12 views

JLSEC-2026-258 Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when...

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.3AI score0.00176EPSS
Exploits1References5
F5 Networks
F5 Networks
added 2026/02/11 3:28 p.m.12 views

K000159974: OpenSSL vulnerability CVE-2025-15469

Security Advisory Description Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such ...

5.5CVSS5.5AI score0.00176EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/01/30 12:42 a.m.7 views

SUSE CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

6.2CVSS5.8AI score0.00176EPSS
Exploits1References8
Snyk
Snyk
added 2026/01/27 4:49 p.m.5 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the openssl dgst command-line tool, which silently truncates input data to 16MB when using one-shot signing algorithms. Signatures for payloads larger than 16MB may appear to be valid...

6.3CVSS5.9AI score0.00176EPSS
Exploits1References2
NVD
NVD
added 2026/01/27 4:16 p.m.11 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS0.00176EPSS
Exploits1References3
OSV
OSV
added 2026/01/27 4:16 p.m.10 views

ALPINE-CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.8AI score0.00176EPSS
Exploits1References1
CVE
CVE
added 2026/01/27 4:1 p.m.64 views

CVE-2025-15469

CVE-2025-15469 affects the OpenSSL openssl dgst CLI: one-shot signing algorithms (Ed25519, Ed448, ML-DSA variants) can silently truncate input to 16 MB and report success. Impact: in workflows that sign and verify with the dgst path, trailing data beyond 16 MB may remain unauthenticated. The issu...

5.5CVSS5.8AI score0.00176EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 4:1 p.m.4 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/27 4:1 p.m.7 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/01/27 4:1 p.m.7 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS6.7AI score0.00176EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/01/27 4:1 p.m.7 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.8AI score0.00176EPSS
Exploits1
Cvelist
Cvelist
added 2026/01/27 4:1 p.m.39 views

CVE-2025-15469 'openssl dgst' one-shot codepath silently truncates inputs >16MB

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

0.00176EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/27 4:1 p.m.8 views

EUVD-2025-206399

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.8AI score0.00176EPSS
Exploits1References3
OSV
OSV
added 2026/01/27 12:0 a.m.7 views

UBUNTU-CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS7.1AI score0.00176EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.11 views

PT-2026-4943

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.5 and 3.6 Description The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. This can lead a user to believe an entire file ...

9.8CVSS5.9AI score0.47621EPSS
Exploits7References66
Rows per page
Query Builder