rpm package
suse/openssl-1_1-livepatches&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/openssl-1_1-livepatches&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9230 | Hig | 7.5 | < 0.5-150400.3.17.1 | 0.5-150400.3.17.1 | Sep 30, 2025 | Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds | |
| CVE-2024-4741 | Hig | 7.5 | < 0.4-150400.3.11.1 | 0.4-150400.3.11.1 | Nov 13, 2024 | Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of | |
| CVE-2023-5678 | Med | 5.3 | < 0.2-150400.3.6.1 | 0.2-150400.3.6.1 | Nov 6, 2023 | Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applicatio | |
| CVE-2023-0286 | Hig | 7.4 | < 0.1-150400.3.3.1 | 0.1-150400.3.3.1 | Feb 8, 2023 | There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This |
- affected < 0.5-150400.3.17.1fixed 0.5-150400.3.17.1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds
- affected < 0.4-150400.3.11.1fixed 0.4-150400.3.11.1
Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of
- affected < 0.2-150400.3.6.1fixed 0.2-150400.3.6.1
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applicatio
- affected < 0.1-150400.3.3.1fixed 0.1-150400.3.3.1
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This