openSUSE 16 Security Update : ocaml (openSUSE-SU-2026:20368-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20368-1 advisory. - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992 Tenable has extracted the preceding description...

SUSE SLES15 Security Update : ocaml (SUSE-SU-2026:0800-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0800-1 advisory. - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Tenable has extracted the precedin...

Security update for ocaml

This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:0830-1 Security update for ocaml

This update for ocaml fixes the following issues: - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992...

AZL-78495 CVE-2026-28364 affecting package ocaml 5.1.1-1

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...

CVE-2026-28364

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...

UBUNTU-CVE-2026-28364

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...

PT-2026-22292

Name of the Vulnerable Software and Affected Versions OCaml versions prior to 4.14.3 OCaml 5.x versions prior to 5.4.1 Description A flaw exists in the Marshal deserialization process due to a missing bounds check within the readblock function. This allows for a buffer over-read, potentially...