Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-47914 DESCRIPTION: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the...

OESA-2025-2486 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read an...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the kekunwrapkey function. An attacker can cause application instability, crash, or potentially execute arbitrary code by sending CMS messages encrypted using password based encryption to trigger out-of-bounds...

CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...