VYPR

rpm package

suse/openssl-3&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

pkg:rpm/suse/openssl-3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Vulnerabilities (23)

  • CVE-2025-15467HigJan 27, 2026
    affected < 3.0.8-150500.5.57.1fixed 3.0.8-150500.5.57.1

    Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When

  • CVE-2025-9230HigSep 30, 2025
    affected < 3.0.8-150500.5.54.1fixed 3.0.8-150500.5.54.1

    Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds

  • CVE-2024-13176MedJan 20, 2025
    affected < 3.0.8-150500.5.51.1fixed 3.0.8-150500.5.51.1

    Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measurin

Page 2 of 2