VYPR

rpm package

suse/openssl-3-livepatches&distro=SUSE Linux Enterprise Server 16.0

pkg:rpm/suse/openssl-3-livepatches&distro=SUSE%20Linux%20Enterprise%20Server%2016.0

Vulnerabilities (4)

  • CVE-2025-15467HigJan 27, 2026
    affected < 0.3-160000.1.1fixed 0.3-160000.1.1

    Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When

  • CVE-2025-15468Jan 27, 2026
    affected < 0.3-160000.1.1fixed 0.3-160000.1.1

    Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process ca

  • CVE-2025-11187Jan 27, 2026
    affected < 0.3-160000.1.1fixed 0.3-160000.1.1

    Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash

  • CVE-2025-9230HigSep 30, 2025
    affected < 0.3-160000.1.1fixed 0.3-160000.1.1

    Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds