VYPR

rpm package

suse/openssl-1_1-livepatches&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/openssl-1_1-livepatches&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (4)

  • CVE-2025-9230HigSep 30, 2025
    affected < 0.5-150400.3.17.1fixed 0.5-150400.3.17.1

    Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds

  • CVE-2024-4741HigNov 13, 2024
    affected < 0.4-150400.3.11.1fixed 0.4-150400.3.11.1

    Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of

  • CVE-2023-5678MedNov 6, 2023
    affected < 0.2-150400.3.6.1fixed 0.2-150400.3.6.1

    Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applicatio

  • CVE-2023-0286HigFeb 8, 2023
    affected < 0.1-150400.3.3.1fixed 0.1-150400.3.3.1

    There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This