rpm package
opensuse/openssl-3&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/openssl-3&distro=openSUSE%20Leap%2016.0
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9231 | Med | 6.5 | < 3.5.0-160000.4.1 | 3.5.0-160000.4.1 | Sep 30, 2025 | Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recov | |
| CVE-2025-9230 | Hig | 7.5 | < 3.5.0-160000.4.1 | 3.5.0-160000.4.1 | Sep 30, 2025 | Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds |
- affected < 3.5.0-160000.4.1fixed 3.5.0-160000.4.1
Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recov
- affected < 3.5.0-160000.4.1fixed 3.5.0-160000.4.1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds
Page 2 of 2