VYPR

rpm package

suse/openssl-3-livepatches&distro=SUSE Linux Micro 6.1

pkg:rpm/suse/openssl-3-livepatches&distro=SUSE%20Linux%20Micro%206.1

Vulnerabilities (5)

  • CVE-2026-45447HigJun 9, 2026
    affected < 0.4-slfo.1.1_1.1fixed 0.4-slfo.1.1_1.1

    Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#

  • CVE-2025-15467HigJan 27, 2026
    affected < 0.4-slfo.1.1_1.1fixed 0.4-slfo.1.1_1.1

    Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When

  • CVE-2025-15468Jan 27, 2026
    affected < 0.4-slfo.1.1_1.1fixed 0.4-slfo.1.1_1.1

    Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process ca

  • CVE-2025-11187Jan 27, 2026
    affected < 0.4-slfo.1.1_1.1fixed 0.4-slfo.1.1_1.1

    Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash

  • CVE-2025-9230HigSep 30, 2025
    affected < 0.2-slfo.1.1_1.1fixed 0.2-slfo.1.1_1.1

    Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds