VYPR

apk package

chainguard/openssl-provider-fips-3.6.0

pkg:apk/chainguard/openssl-provider-fips-3.6.0

Vulnerabilities (23)

  • CVE-2025-15469Jan 27, 2026
    affected < 0fixed 0

    Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms (such as Ed25519,

  • CVE-2025-15468Jan 27, 2026
    affected < 0fixed 0

    Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process ca

  • CVE-2025-11187Jan 27, 2026
    affected < 0fixed 0

    Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash

Page 2 of 2