VYPR

rpm package

suse/openCryptoki&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/openCryptoki&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (2)

  • CVE-2026-23893Jan 22, 2026
    affected < 3.26.0-160000.1.1fixed 3.26.0-160000.1.1

    openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in grou

  • CVE-2026-22791Jan 13, 2026
    affected < 3.26.0-160000.1.1fixed 3.26.0-160000.1.1

    openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a com