rpm package
suse/openssl-1_0_0&distro=SUSE Linux Enterprise Module for Legacy 15 SP6
pkg:rpm/suse/openssl-1_0_0&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9230 | Hig | 7.5 | < 1.0.2p-150000.3.97.1 | 1.0.2p-150000.3.97.1 | Sep 30, 2025 | Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds | |
| CVE-2024-5535 | Cri | 9.1 | < 1.0.2p-150000.3.94.1 | 1.0.2p-150000.3.94.1 | Jun 27, 2024 | Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected appl |
- affected < 1.0.2p-150000.3.97.1fixed 1.0.2p-150000.3.97.1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds
- affected < 1.0.2p-150000.3.94.1fixed 1.0.2p-150000.3.94.1
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected appl