Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.3 Vulnerability Details CVEID:CVE-2025-11187 DESCRIPTION: Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer...

K000159898: OpenSSL vulnerability CVE-2025-11187

Security Advisory Description Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cau...

Ubuntu: Security Advisory (USN-7980-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

CVE-2025-11187

OpenSSL CVE-2025-11187 affects OpenSSL 3.6, 3.5 and 3.4 where PBMAC1 parameters in PKCS#12 MAC verification are not validated. The PBKDF2 salt and keylength are used without validation; if keylength exceeds the 64-byte derived key buffer, an attacker-controlled buffer overflow can occur, potentia...

CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

CVE-2025-11187 Improper validation of PBMAC1 parameters in PKCS#12 MAC verification

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

UBUNTU-CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

Astra Linux - уязвимость в openssl

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

PT-2026-4940

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.4.0 through 3.6.0 Description The vulnerability relates to improper validation of PBMAC1 parameters within PKCS12 files. Specifically, the PBKDF2 salt and keylength parameters are used without sufficient validation during MA...

SUSE-RU-2024:2564-1 Recommended update for mozilla-nss

This update for mozilla-nss fixes the following issues: - Fixed startup crash of Firefox when using FIPS-mode bsc1223724. - Added 'Provides: nss' so other RPMs that require 'nss' can be installed jira PED-6358. - FIPS: added safe memsets bsc1222811 - FIPS: restrict AES-GCM bsc1222830 - FIPS:...