Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-15467 (GCVE-0-2025-15467)
Vulnerability from cvelistv5 – Published: 2026-01-27 16:01 – Updated: 2026-06-30 03:18{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-02-25T21:10:03.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/01/27/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/02/25/6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-15467",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T03:55:41.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/guiimoraes/CVE-2025-15467"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "AI Lightweight Inference Server",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Connector for Azure",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.8.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Databus",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "HiMed Cockpit",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE LPE9403",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE LPE9413",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE LPE9433",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUB852-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUB852-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC622-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC626-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC632-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC636-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC642-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC646-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAB762-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUB762-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUB762-1 iFeatures",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X200-4P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X200-4P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204-2FM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204-2LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204-2LD TS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204-2TS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA (HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA (PRP)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (PRP)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204RNA EEC (PRP/HSR)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X206-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X206-1LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X208",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X208PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X212-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X212-2LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X216",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X224",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (230V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (230V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (24V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (2x 230V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (2x 230V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (2x 24V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X302-7 EEC (2x 24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X304-2FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X306-1LD FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (230V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (230V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (24V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (2x 230V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (2x 230V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (2x 24V, coated)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-2 EEC (2x 24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-3LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X307-3LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LD",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LH",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LH",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LH+",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2LH+",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M PoE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M PoE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M TS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X308-2M TS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X310",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X310",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X310FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X310FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X320-1 FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X320-1-2LD FE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X408-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC316-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC324-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC324-4 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC332",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC416-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC424-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC432",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204-2BA IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF206-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF208",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR302-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR302-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR302-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR322-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR322-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR322-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (230V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (230V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (230V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (230V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M TS (24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-12M TS (24V)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (230V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (230V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (230V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (230V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE (24V, ports on rear)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR326-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR326-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR326-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR326-8 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR502-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR502-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR502-32",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR522-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR522-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR522-12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR524-8WG",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR524-8WG",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR524-8WG",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR524-8WG",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR526-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR526-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XR526-8",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Shopfloor IT Suite",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIDIS Prime",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V4.0.700",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Siemens OPC UA Modelling Editor (SiOME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Comfort/Mobile RT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie Core Package",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie PCS 7 Skill Package",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Basic Panels",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Mobile Panels",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IOT2050",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC BX-21A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC MD-57A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC ORCLA",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV530 H",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV530 S",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV540 H",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV540 H CRANES",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV540 S",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV550 H",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV550 S",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV560 U",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MV560 X",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PDM V9.3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RTLS Locating Manager",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC STEP 7 V5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.7 SP4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Target",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC OA V3.19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.19 P024",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC OA V3.20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.20 P012",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC OA V3.21",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.21 P02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified Sequence",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V8.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V8.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOTION OACAMGEN",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOVE Fleetmanager V3.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOVE Fleetmanager V3.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOVE Fleetmanager V3.3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G200",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V6.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G220",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V6.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S200",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V6.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S210",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V6.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S220",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V6.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC INS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.0 SP2 Update 5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC Security Monitor",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINUMERIK Access MyMachine /OPC UA",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLANT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET SCALANCE X202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET SCALANCE X308-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITRANS ASM IQ",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "User Management Component (UMC)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.15.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Visual Inspection Cockpit",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T09:02:04.779Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-434797.html"
}
],
"x_adpType": "supplier"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.2::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus:9.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cost_management:4::el9"
],
"defaultStatus": "affected",
"product": "Cost Management 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:insights_proxy:1.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Insights proxy 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_core_services:1"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Core Services 2.4.62.SP3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.26::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhui:5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Update Infrastructure 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-27T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T03:18:01.953Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"name": "RHBZ#2430376",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3415"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2974"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2659"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2671"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2072"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2633"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2077"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6481"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1496"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1472"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1733"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1594"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1519"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1503"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1473"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3228"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2995"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:3415: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:2974: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:4419: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:2659: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:2671: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:2072: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:2633: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:2077: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:6481: Red Hat Service Interconnect 1"
},
{
"lang": "en",
"value": "RHSA-2026:1496: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:1472: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:1733: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:1594: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:1519: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:1503: Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:1473: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3228: Cost Management 4"
},
{
"lang": "en",
"value": "RHSA-2026:3461: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:3462: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:1736: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:7261: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:2485: Red Hat Insights proxy 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:2995: Red Hat JBoss Core Services 2.4.62.SP3"
},
{
"lang": "en",
"value": "RHSA-2026:2844: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"lang": "en",
"value": "RHSA-2026:4943: Red Hat Update Infrastructure 5"
},
{
"lang": "en",
"value": "RHSA-2026:2563: Red Hat Update Infrastructure 5"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-16T14:21:50.710Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-27T14:00:00.000Z",
"value": "Made public."
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.6.1",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"lessThan": "3.5.5",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.4",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.3.6",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThan": "3.0.19",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Stanislav Fort (Aisle Research)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Igor Ustinov"
}
],
"datePublic": "2026-01-27T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\u003cbr\u003emaliciously crafted AEAD parameters can trigger a stack buffer overflow.\u003cbr\u003e\u003cbr\u003eImpact summary: A stack buffer overflow may lead to a crash, causing Denial\u003cbr\u003eof Service, or potentially remote code execution.\u003cbr\u003e\u003cbr\u003eWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\u003cbr\u003eAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\u003cbr\u003ecopied into a fixed-size stack buffer without verifying that its length fits\u003cbr\u003ethe destination. An attacker can supply a crafted CMS message with an\u003cbr\u003eoversized IV, causing a stack-based out-of-bounds write before any\u003cbr\u003eauthentication or tag verification occurs.\u003cbr\u003e\u003cbr\u003eApplications and services that parse untrusted CMS or PKCS#7 content using\u003cbr\u003eAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\u003cbr\u003eBecause the overflow occurs prior to authentication, no valid key material\u003cbr\u003eis required to trigger it. While exploitability to remote code execution\u003cbr\u003edepends on platform and toolchain mitigations, the stack-based write\u003cbr\u003eprimitive represents a severe risk.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\u003cbr\u003eissue, as the CMS implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.1.1 and 1.0.2 are not affected by this issue."
}
],
"value": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "High"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T17:44:51.846Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20260127.txt"
},
{
"name": "3.6.1 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703"
},
{
"name": "3.5.5 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc"
},
{
"name": "3.4.4 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3"
},
{
"name": "3.3.6 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9"
},
{
"name": "3.0.19 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack buffer overflow in CMS (Auth)EnvelopedData parsing",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2025-15467",
"datePublished": "2026-01-27T16:01:19.922Z",
"dateReserved": "2026-01-06T09:26:41.631Z",
"dateUpdated": "2026-06-30T03:18:01.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-15467",
"date": "2026-06-30",
"epss": "0.47621",
"percentile": "0.98698"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-15467\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-01-27T16:16:14.257\",\"lastModified\":\"2026-06-30T03:16:46.053\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\\n\\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\\nof Service, or potentially remote code execution.\\n\\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\\ncopied into a fixed-size stack buffer without verifying that its length fits\\nthe destination. An attacker can supply a crafted CMS message with an\\noversized IV, causing a stack-based out-of-bounds write before any\\nauthentication or tag verification occurs.\\n\\nApplications and services that parse untrusted CMS or PKCS#7 content using\\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\\nBecause the overflow occurs prior to authentication, no valid key material\\nis required to trigger it. While exploitability to remote code execution\\ndepends on platform and toolchain mitigations, the stack-based write\\nprimitive represents a severe risk.\\n\\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\\nissue, as the CMS implementation is outside the OpenSSL FIPS module\\nboundary.\\n\\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\\n\\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: Analizar un mensaje CMS AuthEnvelopedData con par\u00e1metros AEAD creados maliciosamente puede desencadenar un desbordamiento de b\u00fafer de pila.\\n\\nResumen del impacto: Un desbordamiento de b\u00fafer de pila puede provocar un fallo, causando Denegaci\u00f3n de Servicio, o potencialmente ejecuci\u00f3n remota de c\u00f3digo.\\n\\nAl analizar estructuras CMS AuthEnvelopedData que utilizan cifrados AEAD como AES-GCM, el IV (Vector de Inicializaci\u00f3n) codificado en los par\u00e1metros ASN.1 se copia en un b\u00fafer de pila de tama\u00f1o fijo sin verificar que su longitud se ajuste al destino. Un atacante puede proporcionar un mensaje CMS manipulado con un IV de tama\u00f1o excesivo, causando una escritura fuera de l\u00edmites basada en pila antes de que ocurra cualquier autenticaci\u00f3n o verificaci\u00f3n de etiqueta.\\n\\nLas aplicaciones y servicios que analizan contenido CMS o PKCS#7 no confiable utilizando cifrados AEAD (por ejemplo, S/MIME AuthEnvelopedData con AES-GCM) son vulnerables. Debido a que el desbordamiento ocurre antes de la autenticaci\u00f3n, no se requiere material de clave v\u00e1lido para desencadenarlo. Si bien la explotabilidad para la ejecuci\u00f3n remota de c\u00f3digo depende de las mitigaciones de la plataforma y la cadena de herramientas, la primitiva de escritura basada en pila representa un riesgo grave.\\n\\nLos m\u00f3dulos FIPS en 3.6, 3.5, 3.4, 3.3 y 3.0 no se ven afectados por este problema, ya que la implementaci\u00f3n de CMS est\u00e1 fuera del l\u00edmite del m\u00f3dulo FIPS de OpenSSL.\\n\\nOpenSSL 3.6, 3.5, 3.4, 3.3 y 3.0 son vulnerables a este problema.\\n\\nOpenSSL 1.1.1 y 1.0.2 no se ven afectados por este problema.\"}],\"affected\":[{\"source\":\"openssl-security@openssl.org\",\"affectedData\":[{\"vendor\":\"OpenSSL\",\"product\":\"OpenSSL\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"3.6.0\",\"lessThan\":\"3.6.1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.5.0\",\"lessThan\":\"3.5.5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.4.0\",\"lessThan\":\"3.4.4\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.3.0\",\"lessThan\":\"3.3.6\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.0.0\",\"lessThan\":\"3.0.19\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:9.0::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:9.2::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus:9.4::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus:9.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cost Management 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cost_management:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AI Inference Server 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ai_inference_server:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Discovery 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:discovery:2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Insights proxy 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:insights_proxy:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Core Services 2.4.62.SP3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_core_services:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.26::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Update Infrastructure 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhui:5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"AI Lightweight Inference Server\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"Connector for Azure\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V1.8.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"Databus\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3.2\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"HiMed Cockpit\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM RM1224 LTE(4G) EU\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM RM1224 LTE(4G) NAM\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE LPE9403\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE LPE9413\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE LPE9433\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M804PB\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M812-1 ADSL-Router family\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M816-1 ADSL-Router family\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M826-2 SHDSL-Router\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M874-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M874-3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M874-3 3G-Router (CN)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M876-3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M876-3 (ROK)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M876-4\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M876-4 (EU)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE M876-4 (NAM)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUB852-1 (A1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUB852-1 (B1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM853-1 (A1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM853-1 (B1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM853-1 (EU)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM856-1 (A1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM856-1 (B1)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM856-1 (CN)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM856-1 (EU)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE MUM856-1 (RoW)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE S615 EEC LAN-Router\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE S615 LAN-Router\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC622-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC626-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC632-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC636-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC642-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE SC646-2C\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAB762-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM763-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM763-1 (ME)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM763-1 (US)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1 (ME)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1 (US)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1 EEC\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1 EEC (ME)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WAM766-1 EEC (US)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUB762-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUB762-1 iFeatures\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM763-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM763-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM763-1 (US)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM763-1 (US)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM766-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM766-1 (ME)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE WUM766-1 (USA)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X200-4P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X200-4P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X201-3P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X201-3P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X201-3P IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X201-3P IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2P IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X202-2P IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204-2FM\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204-2LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204-2LD TS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204-2TS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204IRT PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204RNA (HSR)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204RNA (PRP)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204RNA EEC (HSR)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204RNA EEC (PRP)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X204RNA EEC (PRP/HSR)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X206-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X206-1LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X208\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X208PRO\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X212-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X212-2LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X216\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X224\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (230V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (230V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (24V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (2x 230V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (2x 230V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (2x 24V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X302-7 EEC (2x 24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X304-2FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X306-1LD FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (230V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (230V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (24V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (2x 230V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (2x 230V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (2x 24V, coated)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-2 EEC (2x 24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-3LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X307-3LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LD\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LH\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LH\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LH+\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2LH+\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M PoE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M PoE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M TS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X308-2M TS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X310\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X310\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X310FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X310FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X320-1 FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X320-1-2LD FE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE X408-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC316-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC324-4\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC324-4 EEC\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC332\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC416-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC424-4\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC432\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF201-3P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF202-2P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF204\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF204-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF204-2BA IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF204IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF204IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF206-1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XF208\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR302-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR302-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR302-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR322-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR322-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR322-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (230V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (230V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (230V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (230V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M TS (24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-12M TS (24V)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M EEC (2x 24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (230V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (230V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (230V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (230V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE (24V, ports on rear)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE TS (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR324-4M PoE TS (24V, ports on front)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR326-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR326-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR326-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR326-8 EEC\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR502-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR502-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR502-32\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR522-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR522-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR522-12\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR524-8WG\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR524-8WG\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR524-8WG\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR524-8WG\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR526-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR526-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XR526-8\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"Shopfloor IT Suite\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIDIS Prime\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V4.0.700\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"Siemens OPC UA Modelling Editor (SiOME)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC Comfort/Mobile RT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC eaSie Core Package\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC eaSie PCS 7 Skill Package\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC HMI Basic Panels\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V17.9\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC HMI Comfort Panels\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V17.9\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC HMI Mobile Panels\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V17 Update 9\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC IOT2050\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC IPC BX-21A\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC IPC MD-57A\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC IPC ORCLA\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV530 H\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV530 S\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV540 H\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV540 H CRANES\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV540 S\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV550 H\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV550 S\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV560 U\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC MV560 X\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC PDM V9.3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC RTLS Locating Manager\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC STEP 7 V5\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V5.7 SP4\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC Target\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC OA V3.19\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.19 P024\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC OA V3.20\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.20 P012\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC OA V3.21\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.21 P02\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC Runtime Advanced V17\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V17 Update 9\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC Unified Sequence\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V21\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC V7.5\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC V8.0\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC WinCC V8.1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMOTION OACAMGEN\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMOVE Fleetmanager V3.1\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMOVE Fleetmanager V3.2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMOVE Fleetmanager V3.3\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS G200\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V6.3\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS G220\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V6.3\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS S200\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V6.3\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS S210\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V6.3\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS S220\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V6.3\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC INS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V1.0 SP2 Update 5\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC NMS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC Security Monitor\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINUMERIK Access MyMachine /OPC UA\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLANT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS NET SCALANCE X202-2P IRT\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS NET SCALANCE X308-2\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SITRANS ASM IQ\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"User Management Component (UMC)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V2.15.3.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"Visual Inspection Cockpit\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-19T00:00:00+00:00\",\"id\":\"CVE-2025-15467\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.19\",\"matchCriteriaId\":\"C76C5F55-5243-4461-82F5-2FEBFF4D59FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndExcluding\":\"3.3.6\",\"matchCriteriaId\":\"791BA794-23EF-4671-B96B-3A7E3BF52490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndExcluding\":\"3.4.4\",\"matchCriteriaId\":\"B9D3DCAE-317D-4DFB-93F0-7A235A229619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.5\",\"matchCriteriaId\":\"1CAC7CBE-EC03-4089-938A-0CEEB2E09B62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.6.0\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"68352537-5E99-4F4D-B78A-BCF0353A70A5\"}]}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://openssl-library.org/news/secadv/20260127.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/01/27/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/02/25/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1472\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1473\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1496\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1503\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1519\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1594\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1733\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1736\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2072\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2077\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2485\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2563\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2633\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2659\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2671\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2844\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2974\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2995\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3228\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3415\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3461\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3462\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4419\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4943\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6481\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7261\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-15467\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2430376\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-434797.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://github.com/guiimoraes/CVE-2025-15467\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/01/27/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/02/25/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-02-25T21:10:03.795Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"AI Lightweight Inference Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Connector for Azure\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V1.8.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Databus\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"HiMed Cockpit\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RM1224 LTE(4G) EU\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RM1224 LTE(4G) NAM\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE LPE9403\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE LPE9413\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE LPE9433\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M804PB\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M812-1 ADSL-Router family\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M816-1 ADSL-Router family\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M826-2 SHDSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M874-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M874-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M874-3 3G-Router (CN)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-3 (ROK)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4 (NAM)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUB852-1 (A1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUB852-1 (B1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM853-1 (A1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM853-1 (B1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM853-1 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (A1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (B1)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (CN)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (RoW)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE S615 EEC LAN-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE S615 LAN-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC622-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC626-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC632-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC636-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC642-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE SC646-2C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAB762-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM763-1 (ME)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM763-1 (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 (ME)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 EEC\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 EEC (ME)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 EEC (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUB762-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUB762-1 iFeatures\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1 (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1 (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM766-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM766-1 (ME)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM766-1 (USA)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X200-4P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X200-4P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X201-3P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X201-3P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X201-3P IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X201-3P IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2P IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X202-2P IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204-2FM\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204-2LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204-2LD TS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204-2TS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204IRT PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204RNA (HSR)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204RNA (PRP)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204RNA EEC (HSR)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204RNA EEC (PRP)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X204RNA EEC (PRP/HSR)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X206-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X206-1LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X208\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X208PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X212-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X212-2LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X216\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X224\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (230V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (230V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (24V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (2x 230V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (2x 230V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (2x 24V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X302-7 EEC (2x 24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X304-2FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X306-1LD FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (230V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (230V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (24V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (2x 230V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (2x 230V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (2x 24V, coated)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-2 EEC (2x 24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-3LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X307-3LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LH\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LH\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LH+\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2LH+\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M PoE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M PoE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M TS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X308-2M TS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X310\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X310\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X310FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X310FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X320-1 FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X320-1-2LD FE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE X408-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC316-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC324-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC324-4 EEC\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC332\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC416-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC424-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC432\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF201-3P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF202-2P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF204\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF204-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF204-2BA IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF204IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF204IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF206-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XF208\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR302-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR302-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR302-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR322-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR322-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR322-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (230V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (230V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (230V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (230V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M TS (24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-12M TS (24V)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M EEC (2x 24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (230V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (230V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (230V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (230V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE (24V, ports on rear)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE TS (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR324-4M PoE TS (24V, ports on front)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR326-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR326-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR326-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR326-8 EEC\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR502-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR502-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR502-32\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR522-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR522-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR522-12\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR524-8WG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR524-8WG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR524-8WG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR524-8WG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR526-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR526-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XR526-8\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Shopfloor IT Suite\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIDIS Prime\", \"versions\": [{\"status\": \"affected\", \"version\": \"V4.0.700\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Siemens OPC UA Modelling Editor (SiOME)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC Comfort/Mobile RT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC eaSie Core Package\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC eaSie PCS 7 Skill Package\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC HMI Basic Panels\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V17.9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC HMI Comfort Panels\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V17.9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC HMI Mobile Panels\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V17 Update 9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IOT2050\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC BX-21A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC MD-57A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC ORCLA\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV530 H\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV530 S\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV540 H\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV540 H CRANES\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV540 S\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV550 H\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV550 S\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV560 U\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC MV560 X\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC PDM V9.3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC RTLS Locating Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC STEP 7 V5\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V5.7 SP4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC Target\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC OA V3.19\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.19 P024\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC OA V3.20\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.20 P012\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC OA V3.21\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.21 P02\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC Runtime Advanced V17\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V17 Update 9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC Unified Sequence\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V21\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC V7.5\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC V8.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC WinCC V8.1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMOTION OACAMGEN\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMOVE Fleetmanager V3.1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMOVE Fleetmanager V3.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMOVE Fleetmanager V3.3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINAMICS G200\", \"versions\": [{\"status\": \"affected\", \"version\": \"V6.3\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINAMICS G220\", \"versions\": [{\"status\": \"affected\", \"version\": \"V6.3\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINAMICS S200\", \"versions\": [{\"status\": \"affected\", \"version\": \"V6.3\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINAMICS S210\", \"versions\": [{\"status\": \"affected\", \"version\": \"V6.3\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINAMICS S220\", \"versions\": [{\"status\": \"affected\", \"version\": \"V6.3\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC INS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V1.0 SP2 Update 5\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC Security Monitor\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINUMERIK Access MyMachine /OPC UA\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLANT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS NET SCALANCE X202-2P IRT\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS NET SCALANCE X308-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SITRANS ASM IQ\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"User Management Component (UMC)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V2.15.3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Visual Inspection Cockpit\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-434797.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-06-09T09:02:04.779Z\"}}, {\"title\": \"openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.0::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cost_management:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cost Management 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ai_inference_server:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AI Inference Server 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:insights_proxy:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Insights proxy 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_core_services:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Core Services 2.4.62.SP3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.26::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhui:5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Update Infrastructure 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-01-16T14:21:50.710Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-01-27T14:00:00.000Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:3415: Red Hat OpenShift Container Platform 4.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2974: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4419: Red Hat OpenShift Container Platform 4.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2659: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2671: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2072: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2633: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2077: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6481: Red Hat Service Interconnect 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1496: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1472: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1733: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1594: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1519: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1503: Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1473: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3228: Cost Management 4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3461: Red Hat AI Inference Server 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3462: Red Hat AI Inference Server 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:1736: Red Hat Discovery 2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7261: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2485: Red Hat Insights proxy 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2995: Red Hat JBoss Core Services 2.4.62.SP3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2844: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4943: Red Hat Update Infrastructure 5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2563: Red Hat Update Infrastructure 5\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-01-27T14:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-15467\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2430376\", \"name\": \"RHBZ#2430376\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15467.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3415\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2974\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4419\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2659\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2671\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2072\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2633\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2077\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6481\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1496\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1472\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1733\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1594\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1519\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1503\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1473\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3228\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3461\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3462\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1736\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7261\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2485\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2995\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2844\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4943\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2563\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T03:18:01.953Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-15467\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-19T18:39:38.156023Z\"}}}], \"references\": [{\"url\": \"https://github.com/guiimoraes/CVE-2025-15467\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-29T14:50:51.477Z\"}}], \"cna\": {\"title\": \"Stack buffer overflow in CMS (Auth)EnvelopedData parsing\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Stanislav Fort (Aisle Research)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Igor Ustinov\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"High\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.19\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-01-27T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260127.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703\", \"name\": \"3.6.1 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc\", \"name\": \"3.5.5 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3\", \"name\": \"3.4.4 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9\", \"name\": \"3.3.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e\", \"name\": \"3.0.19 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\\n\\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\\nof Service, or potentially remote code execution.\\n\\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\\ncopied into a fixed-size stack buffer without verifying that its length fits\\nthe destination. An attacker can supply a crafted CMS message with an\\noversized IV, causing a stack-based out-of-bounds write before any\\nauthentication or tag verification occurs.\\n\\nApplications and services that parse untrusted CMS or PKCS#7 content using\\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\\nBecause the overflow occurs prior to authentication, no valid key material\\nis required to trigger it. While exploitability to remote code execution\\ndepends on platform and toolchain mitigations, the stack-based write\\nprimitive represents a severe risk.\\n\\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\\nissue, as the CMS implementation is outside the OpenSSL FIPS module\\nboundary.\\n\\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\\n\\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\u003cbr\u003emaliciously crafted AEAD parameters can trigger a stack buffer overflow.\u003cbr\u003e\u003cbr\u003eImpact summary: A stack buffer overflow may lead to a crash, causing Denial\u003cbr\u003eof Service, or potentially remote code execution.\u003cbr\u003e\u003cbr\u003eWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\u003cbr\u003eAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\u003cbr\u003ecopied into a fixed-size stack buffer without verifying that its length fits\u003cbr\u003ethe destination. An attacker can supply a crafted CMS message with an\u003cbr\u003eoversized IV, causing a stack-based out-of-bounds write before any\u003cbr\u003eauthentication or tag verification occurs.\u003cbr\u003e\u003cbr\u003eApplications and services that parse untrusted CMS or PKCS#7 content using\u003cbr\u003eAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\u003cbr\u003eBecause the overflow occurs prior to authentication, no valid key material\u003cbr\u003eis required to trigger it. While exploitability to remote code execution\u003cbr\u003edepends on platform and toolchain mitigations, the stack-based write\u003cbr\u003eprimitive represents a severe risk.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\u003cbr\u003eissue, as the CMS implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-02-25T17:44:51.846Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-15467\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T03:18:01.953Z\", \"dateReserved\": \"2026-01-06T09:26:41.631Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-01-27T16:01:19.922Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:3461
Vulnerability from csaf_redhat - Published: 2026-02-27 14:54 - Updated: 2026-07-01 00:25A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.
CWE-918 - Server-Side Request Forgery (SSRF)| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.
CWE-1188 - Initialization of a Resource with an Insecure Default| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM’s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server’s event loop for extended periods, causing a denial of service and delaying all other requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Ray’s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with “Mozilla”, which can be manipulated under the fetch specification — enabling a DNS-rebinding attack to bypass browser-based protections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial‑of‑service for endpoints serving files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’s recursion stack and causing a `RecursionError`, which results in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3461",
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61620",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62426",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0994",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22773",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22778",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22807",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24486",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24779",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25990",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3461.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)",
"tracking": {
"current_release_date": "2026-07-01T00:25:37+00:00",
"generator": {
"date": "2026-07-01T00:25:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:3461",
"initial_release_date": "2026-02-27T14:54:46+00:00",
"revision_history": [
{
"date": "2026-02-27T14:54:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-27T14:54:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:25:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Adcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160593"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Afa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160593"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"acknowledgments": [
{
"names": [
"keymoon",
"Ga_ryo",
"Isotr0py",
"DarkLight1337"
]
}
],
"cve": "CVE-2025-61620",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-06T05:59:34.077000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, as it requires authenticated access or the ability to supply templates to the vLLM server. Successful exploitation allows an attacker to exhaust system resources by submitting maliciously crafted Jinja templates that trigger excessive CPU and memory usage. The vulnerability\u2019s root cause is the lack of proper validation and sandboxing of user-supplied template data, which can lead to denial of service (DoS) conditions affecting the availability of services built on vLLM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "RHBZ#2401761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6fvq-23cw-5628",
"url": "https://github.com/advisories/GHSA-6fvq-23cw-5628"
}
],
"release_date": "2025-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-62426",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-11-21T02:00:49.606988+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416278"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server\u2019s event loop for extended periods, causing a denial of service and delaying all other requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw is limited to a denial-of-service vector that requires an authenticated user and relies on abusing an optional, non-security-critical parameter (chat_template_kwargs) to force unexpected tokenization during template application, which is computationally expensive but not indicative of data corruption, privilege escalation, or code execution. The attacker cannot break isolation boundaries or execute arbitrary logic\u2014they can only cause the server\u2019s event loop to stall through large crafted inputs, and only if they already have access to the vLLM API. Moreover, the DoS condition is resource-intensive, depends heavily on model size and server configuration, and does not persist once the malicious request completes. Because the impact is bounded to temporary availability degradation without confidentiality or integrity loss, and because exploitation requires legitimate API access and large payloads, this issue aligns with a Moderate severity rather than an Important/High flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "RHBZ#2416278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b",
"url": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27205",
"url": "https://github.com/vllm-project/vllm/pull/27205"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p"
}
],
"release_date": "2025-11-21T01:21:29.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ray\u2019s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with \u201cMozilla\u201d, which can be manipulated under the fetch specification \u2014 enabling a DNS-rebinding attack to bypass browser-based protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial\u2011of\u2011service for endpoints serving files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-69223",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-06T20:01:19.831548+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427456"
}
],
"notes": [
{
"category": "description",
"text": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "RHBZ#2427456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
}
],
"release_date": "2026-01-05T22:00:17.715000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
},
{
"cve": "CVE-2026-0994",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-23T16:02:59.235878+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432398"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python\u2019s recursion stack and causing a `RecursionError`, which results in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in `protobuf` allows a remote attacker to trigger a denial-of-service by providing specially crafted, deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to resource exhaustion and application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "RHBZ#2432398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/pull/25239",
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
}
],
"release_date": "2026-01-23T14:55:16.876000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22773",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-10T07:01:22.641229+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428443"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A remote attacker can trigger a denial of service in vLLM engines serving multimodal models that use the Idefics3 vision model by sending a specially crafted image, leading to complete server termination. This affects Red Hat AI Inference Server and Red Hat OpenShift AI (RHOAI) when configured with the vulnerable vLLM versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "RHBZ#2428443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr"
}
],
"release_date": "2026-01-10T06:39:02.276000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving"
},
{
"cve": "CVE-2026-22778",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2026-02-03T00:01:43.512265+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436113"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM\u0027s multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Critical rather than Important because it allows unauthenticated remote code execution without requiring user interaction, ultimately leading to full compromise of the affected system. An attacker can provide a malicious video URL to a vulnerable vLLM inference endpoint, which causes the service to automatically retrieve and process attacker-controlled media content. During decoding, a heap overflow is triggered in the underlying video processing stack, enabling corruption of heap memory and potential overwriting of control structures to execute arbitrary commands on the host. In addition, an information disclosure condition can leak memory addresses, significantly weakening ASLR protections and making exploitation more reliable when combined with the heap overflow. Successful exploitation compromises the confidentiality, integrity, and availability of the system and can impact deployments such as Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, thereby meeting Red Hat\u2019s criteria for Critical severity rather than Important impact.\n\nThe vLLM vulnerability depends on CVE-2025-9951, as processing attacker-controlled media can trigger the JPEG2000 decoder heap overflow, which can then be exploited within the vLLM video handling pipeline to cause memory corruption and potentially achieve remote code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "RHBZ#2436113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436113"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/31987",
"url": "https://github.com/vllm-project/vllm/pull/31987"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32319",
"url": "https://github.com/vllm-project/vllm/pull/32319"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv"
}
],
"release_date": "2026-02-02T21:09:53.265000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint."
},
{
"cve": "CVE-2026-22807",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-01-21T22:00:55.823882+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431865"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Arbitrary code execution via untrusted model loading",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as vLLM, an inference and serving engine for large language models, is vulnerable to arbitrary code execution. An attacker influencing the model repository or path can execute malicious Python code during server startup, affecting vLLM versions 0.10.1 through 0.13.x.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "RHBZ#2431865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5",
"url": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32194",
"url": "https://github.com/vllm-project/vllm/pull/32194"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr"
}
],
"release_date": "2026-01-21T21:13:11.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that vLLM instances are configured to load models only from trusted and verified repositories. Restrict access to the model repository path to prevent unauthorized modification or introduction of malicious code. Implement strict access controls and integrity checks for all model sources.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Arbitrary code execution via untrusted model loading"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24486",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-27T01:00:58.032530+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server\u0027s file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "RHBZ#2433132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4",
"url": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22",
"url": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg",
"url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg"
}
],
"release_date": "2026-01-27T00:34:06.229000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid enabling the `UPLOAD_KEEP_FILENAME=True` configuration option in applications using `python-multipart`. This option, when used with `UPLOAD_DIR`, allows an attacker to write files to arbitrary locations. Disabling or not configuring `UPLOAD_KEEP_FILENAME=True` prevents the path traversal vulnerability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability"
},
{
"cve": "CVE-2026-24779",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-27T23:00:53.998772+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Server-Side Request Forgery allows internal network access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT Server-Side Request Forgery (SSRF) vulnerability in vLLM\u0027s `MediaConnector` allows an attacker to bypass host restrictions when processing user-provided URLs. This enables the vLLM server to be coerced into making arbitrary requests to internal network resources. This is critical in containerized deployments, including Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, where it could facilitate internal network reconnaissance and unauthorized access to other services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "RHBZ#2433624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7",
"url": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32746",
"url": "https://github.com/vllm-project/vllm/pull/32746"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc"
}
],
"release_date": "2026-01-27T22:01:13.808000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the vLLM service to only trusted clients. Implement strict network segmentation for vLLM pods in containerized environments to limit potential lateral movement. Ensure that vLLM instances are not exposed to untrusted external networks without proper access controls and input validation at the perimeter.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Server-Side Request Forgery allows internal network access"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
}
]
}
RHSA-2026:3462
Vulnerability from csaf_redhat - Published: 2026-02-27 14:55 - Updated: 2026-07-01 00:25A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.
CWE-918 - Server-Side Request Forgery (SSRF)| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.
CWE-1188 - Initialization of a Resource with an Insecure Default| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM’s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server’s event loop for extended periods, causing a denial of service and delaying all other requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Ray’s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with “Mozilla”, which can be manipulated under the fetch specification — enabling a DNS-rebinding attack to bypass browser-based protections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial‑of‑service for endpoints serving files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’s recursion stack and causing a `RecursionError`, which results in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3462",
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61620",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62426",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0994",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22773",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22778",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22807",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24486",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24779",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25990",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3462.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm)",
"tracking": {
"current_release_date": "2026-07-01T00:25:38+00:00",
"generator": {
"date": "2026-07-01T00:25:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:3462",
"initial_release_date": "2026-02-27T14:55:49+00:00",
"revision_history": [
{
"date": "2026-02-27T14:55:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-27T14:55:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:25:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3A53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160625"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"acknowledgments": [
{
"names": [
"keymoon",
"Ga_ryo",
"Isotr0py",
"DarkLight1337"
]
}
],
"cve": "CVE-2025-61620",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-06T05:59:34.077000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, as it requires authenticated access or the ability to supply templates to the vLLM server. Successful exploitation allows an attacker to exhaust system resources by submitting maliciously crafted Jinja templates that trigger excessive CPU and memory usage. The vulnerability\u2019s root cause is the lack of proper validation and sandboxing of user-supplied template data, which can lead to denial of service (DoS) conditions affecting the availability of services built on vLLM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "RHBZ#2401761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6fvq-23cw-5628",
"url": "https://github.com/advisories/GHSA-6fvq-23cw-5628"
}
],
"release_date": "2025-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-62426",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-11-21T02:00:49.606988+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416278"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server\u2019s event loop for extended periods, causing a denial of service and delaying all other requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw is limited to a denial-of-service vector that requires an authenticated user and relies on abusing an optional, non-security-critical parameter (chat_template_kwargs) to force unexpected tokenization during template application, which is computationally expensive but not indicative of data corruption, privilege escalation, or code execution. The attacker cannot break isolation boundaries or execute arbitrary logic\u2014they can only cause the server\u2019s event loop to stall through large crafted inputs, and only if they already have access to the vLLM API. Moreover, the DoS condition is resource-intensive, depends heavily on model size and server configuration, and does not persist once the malicious request completes. Because the impact is bounded to temporary availability degradation without confidentiality or integrity loss, and because exploitation requires legitimate API access and large payloads, this issue aligns with a Moderate severity rather than an Important/High flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "RHBZ#2416278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b",
"url": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27205",
"url": "https://github.com/vllm-project/vllm/pull/27205"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p"
}
],
"release_date": "2025-11-21T01:21:29.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ray\u2019s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with \u201cMozilla\u201d, which can be manipulated under the fetch specification \u2014 enabling a DNS-rebinding attack to bypass browser-based protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial\u2011of\u2011service for endpoints serving files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-69223",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-06T20:01:19.831548+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427456"
}
],
"notes": [
{
"category": "description",
"text": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "RHBZ#2427456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
}
],
"release_date": "2026-01-05T22:00:17.715000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
},
{
"cve": "CVE-2026-0994",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-23T16:02:59.235878+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432398"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python\u2019s recursion stack and causing a `RecursionError`, which results in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in `protobuf` allows a remote attacker to trigger a denial-of-service by providing specially crafted, deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to resource exhaustion and application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "RHBZ#2432398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/pull/25239",
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
}
],
"release_date": "2026-01-23T14:55:16.876000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22773",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-10T07:01:22.641229+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428443"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A remote attacker can trigger a denial of service in vLLM engines serving multimodal models that use the Idefics3 vision model by sending a specially crafted image, leading to complete server termination. This affects Red Hat AI Inference Server and Red Hat OpenShift AI (RHOAI) when configured with the vulnerable vLLM versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "RHBZ#2428443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr"
}
],
"release_date": "2026-01-10T06:39:02.276000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving"
},
{
"cve": "CVE-2026-22778",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2026-02-03T00:01:43.512265+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436113"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM\u0027s multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Critical rather than Important because it allows unauthenticated remote code execution without requiring user interaction, ultimately leading to full compromise of the affected system. An attacker can provide a malicious video URL to a vulnerable vLLM inference endpoint, which causes the service to automatically retrieve and process attacker-controlled media content. During decoding, a heap overflow is triggered in the underlying video processing stack, enabling corruption of heap memory and potential overwriting of control structures to execute arbitrary commands on the host. In addition, an information disclosure condition can leak memory addresses, significantly weakening ASLR protections and making exploitation more reliable when combined with the heap overflow. Successful exploitation compromises the confidentiality, integrity, and availability of the system and can impact deployments such as Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, thereby meeting Red Hat\u2019s criteria for Critical severity rather than Important impact.\n\nThe vLLM vulnerability depends on CVE-2025-9951, as processing attacker-controlled media can trigger the JPEG2000 decoder heap overflow, which can then be exploited within the vLLM video handling pipeline to cause memory corruption and potentially achieve remote code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "RHBZ#2436113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436113"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/31987",
"url": "https://github.com/vllm-project/vllm/pull/31987"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32319",
"url": "https://github.com/vllm-project/vllm/pull/32319"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv"
}
],
"release_date": "2026-02-02T21:09:53.265000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint."
},
{
"cve": "CVE-2026-22807",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-01-21T22:00:55.823882+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431865"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Arbitrary code execution via untrusted model loading",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as vLLM, an inference and serving engine for large language models, is vulnerable to arbitrary code execution. An attacker influencing the model repository or path can execute malicious Python code during server startup, affecting vLLM versions 0.10.1 through 0.13.x.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "RHBZ#2431865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5",
"url": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32194",
"url": "https://github.com/vllm-project/vllm/pull/32194"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr"
}
],
"release_date": "2026-01-21T21:13:11.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that vLLM instances are configured to load models only from trusted and verified repositories. Restrict access to the model repository path to prevent unauthorized modification or introduction of malicious code. Implement strict access controls and integrity checks for all model sources.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Arbitrary code execution via untrusted model loading"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24486",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-27T01:00:58.032530+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server\u0027s file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "RHBZ#2433132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4",
"url": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22",
"url": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg",
"url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg"
}
],
"release_date": "2026-01-27T00:34:06.229000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid enabling the `UPLOAD_KEEP_FILENAME=True` configuration option in applications using `python-multipart`. This option, when used with `UPLOAD_DIR`, allows an attacker to write files to arbitrary locations. Disabling or not configuring `UPLOAD_KEEP_FILENAME=True` prevents the path traversal vulnerability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability"
},
{
"cve": "CVE-2026-24779",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-27T23:00:53.998772+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Server-Side Request Forgery allows internal network access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT Server-Side Request Forgery (SSRF) vulnerability in vLLM\u0027s `MediaConnector` allows an attacker to bypass host restrictions when processing user-provided URLs. This enables the vLLM server to be coerced into making arbitrary requests to internal network resources. This is critical in containerized deployments, including Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, where it could facilitate internal network reconnaissance and unauthorized access to other services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "RHBZ#2433624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7",
"url": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32746",
"url": "https://github.com/vllm-project/vllm/pull/32746"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc"
}
],
"release_date": "2026-01-27T22:01:13.808000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the vLLM service to only trusted clients. Implement strict network segmentation for vLLM pods in containerized environments to limit potential lateral movement. Ensure that vLLM instances are not exposed to untrusted external networks without proper access controls and input validation at the perimeter.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Server-Side Request Forgery allows internal network access"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
}
]
}
RHSA-2026:4419
Vulnerability from csaf_redhat - Published: 2026-03-19 05:49 - Updated: 2026-06-30 03:05An XML Entity Expansion flaw was found in libexpat. This flaw allows an attacker to cause a denial of service when there is an isolated use of external parsers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0 | — |
Vendor Fix
fix
|
Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.15.62 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\n This release includes a security update for Red Hat OpenShift Container\nPlatform 4.15.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.15.62. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2026:4418\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nSecurity Fix(es):\n\n* Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS\n(CVE-2025-6176)\n* openssl: OpenSSL: Remote code execution or Denial of Service via\noversized Initialization Vector in CMS parsing (CVE-2025-15467)\n* libpng: LIBPNG out-of-bounds read in png_image_read_composite\n(CVE-2025-66293)\n* expat: XML Entity Expansion (CVE-2024-28757)\n* glib: Integer overflow in in g_escape_uri_string() (CVE-2025-13601)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4419",
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268766"
},
{
"category": "external",
"summary": "2408762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408762"
},
{
"category": "external",
"summary": "2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "2418711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
},
{
"category": "external",
"summary": "2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4419.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.15.62 bug fix and security update",
"tracking": {
"current_release_date": "2026-06-30T03:05:48+00:00",
"generator": {
"date": "2026-06-30T03:05:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:4419",
"initial_release_date": "2026-03-19T05:49:50+00:00",
"revision_history": [
{
"date": "2026-03-19T05:49:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-19T05:49:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T03:05:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-415.92.202603101737-0",
"product": {
"name": "rhcos-aarch64-415.92.202603101737-0",
"product_id": "rhcos-aarch64-415.92.202603101737-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202603101737?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-415.92.202603101737-0",
"product": {
"name": "rhcos-ppc64le-415.92.202603101737-0",
"product_id": "rhcos-ppc64le-415.92.202603101737-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202603101737?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-415.92.202603101737-0",
"product": {
"name": "rhcos-s390x-415.92.202603101737-0",
"product_id": "rhcos-s390x-415.92.202603101737-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202603101737?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-415.92.202603101737-0",
"product": {
"name": "rhcos-x86_64-415.92.202603101737-0",
"product_id": "rhcos-x86_64-415.92.202603101737-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202603101737?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-415.92.202603101737-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0"
},
"product_reference": "rhcos-aarch64-415.92.202603101737-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-415.92.202603101737-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0"
},
"product_reference": "rhcos-ppc64le-415.92.202603101737-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-415.92.202603101737-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0"
},
"product_reference": "rhcos-s390x-415.92.202603101737-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-415.92.202603101737-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
},
"product_reference": "rhcos-x86_64-415.92.202603101737-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28757",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268766"
}
],
"notes": [
{
"category": "description",
"text": "An XML Entity Expansion flaw was found in libexpat. This flaw allows an attacker to cause a denial of service when there is an isolated use of external parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: XML Entity Expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a moderate severity because a flaw was found in the libexpat library in the xmlparse.c file, specifically in the handling of external parsers. The issue is an XML Entity Expansion flaw caused by the parser\u0027s failure to detect direct recursion when a parameter entity references itself in an external subset. An attacker can trigger this by submitting a specially crafted XML document, which creates an infinite processing loop, leading to uncontrolled resource consumption and causing a denial of service (DoS).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "RHBZ#2268766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28757",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28757"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/839",
"url": "https://github.com/libexpat/libexpat/issues/839"
}
],
"release_date": "2024-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-19T05:49:50+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:0301752d0cbc1d62336f5c467be4b63947e882750760243f513da5c6c003289e\n\n (For s390x architecture)\n The image digest is sha256:92ae7546248ac2341469a7bd801569e225bfab6177fae12a1aa90c990e96459b\n\n (For ppc64le architecture)\n The image digest is sha256:ba40e267f4ff9a6150513e3b2411032cbedbe4ffc0bed012f17675e5a40d473e\n\n (For aarch64 architecture)\n The image digest is sha256:a780ba0cb96fe8e52708f989caf17a7aebc38142cc43aec45d063e5520190761\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: XML Entity Expansion"
},
{
"cve": "CVE-2025-6176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-31T01:00:56.408048+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408762"
}
],
"notes": [
{
"category": "description",
"text": "Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in Scrapy\u0027s brotli decompression implementation allows remote attackers to trigger a denial of service by sending specially crafted brotli-compressed data. This can lead to excessive memory consumption and system instability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6176"
},
{
"category": "external",
"summary": "RHBZ#2408762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0",
"url": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0"
}
],
"release_date": "2025-10-31T00:00:21.219000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-19T05:49:50+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:0301752d0cbc1d62336f5c467be4b63947e882750760243f513da5c6c003289e\n\n (For s390x architecture)\n The image digest is sha256:92ae7546248ac2341469a7bd801569e225bfab6177fae12a1aa90c990e96459b\n\n (For ppc64le architecture)\n The image digest is sha256:ba40e267f4ff9a6150513e3b2411032cbedbe4ffc0bed012f17675e5a40d473e\n\n (For aarch64 architecture)\n The image digest is sha256:a780ba0cb96fe8e52708f989caf17a7aebc38142cc43aec45d063e5520190761\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-19T05:49:50+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:0301752d0cbc1d62336f5c467be4b63947e882750760243f513da5c6c003289e\n\n (For s390x architecture)\n The image digest is sha256:92ae7546248ac2341469a7bd801569e225bfab6177fae12a1aa90c990e96459b\n\n (For ppc64le architecture)\n The image digest is sha256:ba40e267f4ff9a6150513e3b2411032cbedbe4ffc0bed012f17675e5a40d473e\n\n (For aarch64 architecture)\n The image digest is sha256:a780ba0cb96fe8e52708f989caf17a7aebc38142cc43aec45d063e5520190761\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-19T05:49:50+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:0301752d0cbc1d62336f5c467be4b63947e882750760243f513da5c6c003289e\n\n (For s390x architecture)\n The image digest is sha256:92ae7546248ac2341469a7bd801569e225bfab6177fae12a1aa90c990e96459b\n\n (For ppc64le architecture)\n The image digest is sha256:ba40e267f4ff9a6150513e3b2411032cbedbe4ffc0bed012f17675e5a40d473e\n\n (For aarch64 architecture)\n The image digest is sha256:a780ba0cb96fe8e52708f989caf17a7aebc38142cc43aec45d063e5520190761\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-66293",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-03T21:00:59.956903+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418711"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important as it affects libpng, a widely used library for PNG image processing. The flaw is due to an out-of-bounds read in libpng\u2019s simplified API when handling specially crafted PNG images containing partial transparency and gamma correction data. Successful exploitation could result in information disclosure or cause application crashes in applications processing untrusted PNG content.\n\nFor `java-17-openjdk-headless` and `java-21-openjdk-headless`, while the affected code is present in the bundled sources, it is not exercised by these headless packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66293"
},
{
"category": "external",
"summary": "RHBZ#2418711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
"url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
"url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/764",
"url": "https://github.com/pnggroup/libpng/issues/764"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
}
],
"release_date": "2025-12-03T20:33:57.086000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-19T05:49:50+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:0301752d0cbc1d62336f5c467be4b63947e882750760243f513da5c6c003289e\n\n (For s390x architecture)\n The image digest is sha256:92ae7546248ac2341469a7bd801569e225bfab6177fae12a1aa90c990e96459b\n\n (For ppc64le architecture)\n The image digest is sha256:ba40e267f4ff9a6150513e3b2411032cbedbe4ffc0bed012f17675e5a40d473e\n\n (For aarch64 architecture)\n The image digest is sha256:a780ba0cb96fe8e52708f989caf17a7aebc38142cc43aec45d063e5520190761\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202603101737-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202603101737-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
}
]
}
RHSA-2026:4943
Vulnerability from csaf_redhat - Published: 2026-03-18 16:24 - Updated: 2026-07-01 00:16An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into memory, potentially causing memory allocations errors, swapping, out-of-memory conditions or even system freezes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Workaround
|
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
|
A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system's `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules, allowing an attacker to inject email headers and potentially modify message recipients or the email body, and spoof sender information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security (TLS) servers, An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Workaround
|
A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the `pgcrypto` component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
Workaround
|
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 | — | ||
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 | — | ||
| Unresolved product id: Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The latest release of Red Hat Update Infrastructure. For more details, see the product documentation.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Update Infrastructure (RHUI) container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4943",
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/red-hat-update-infrastructure",
"url": "https://access.redhat.com/products/red-hat-update-infrastructure"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11187",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12084",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13836",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14104",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14831",
"url": "https://access.redhat.com/security/cve/CVE-2025-14831"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15281",
"url": "https://access.redhat.com/security/cve/CVE-2025-15281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15366",
"url": "https://access.redhat.com/security/cve/CVE-2025-15366"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15367",
"url": "https://access.redhat.com/security/cve/CVE-2025-15367"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15468",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15469",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66199",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68160",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69418",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69419",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69420",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69421",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9086",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9820",
"url": "https://access.redhat.com/security/cve/CVE-2025-9820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0861",
"url": "https://access.redhat.com/security/cve/CVE-2026-0861"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0865",
"url": "https://access.redhat.com/security/cve/CVE-2026-0865"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0915",
"url": "https://access.redhat.com/security/cve/CVE-2026-0915"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1299",
"url": "https://access.redhat.com/security/cve/CVE-2026-1299"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1642",
"url": "https://access.redhat.com/security/cve/CVE-2026-1642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2003",
"url": "https://access.redhat.com/security/cve/CVE-2026-2003"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2004",
"url": "https://access.redhat.com/security/cve/CVE-2026-2004"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2005",
"url": "https://access.redhat.com/security/cve/CVE-2026-2005"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2006",
"url": "https://access.redhat.com/security/cve/CVE-2026-2006"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22795",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22796",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-23490",
"url": "https://access.redhat.com/security/cve/CVE-2026-23490"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5",
"url": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4943.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update",
"tracking": {
"current_release_date": "2026-07-01T00:16:57+00:00",
"generator": {
"date": "2026-07-01T00:16:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:4943",
"initial_release_date": "2026-03-18T16:24:32+00:00",
"revision_history": [
{
"date": "2026-03-18T16:24:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-18T16:24:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:16:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Update Infrastructure 5",
"product": {
"name": "Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhui:5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Update Infrastructure"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"product": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"product_id": "registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cds-rhel9@sha256%3A200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1773670073"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"product": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"product_id": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/haproxy-rhel9@sha256%3Ad98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1773672059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"product": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"product_id": "registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/installer-rhel9@sha256%3A2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1773668803"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64",
"product": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64",
"product_id": "registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhua-rhel9@sha256%3A5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1773670137"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64"
},
"product_reference": "registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64"
},
"product_reference": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
},
"product_reference": "registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
},
"product_reference": "registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-12T06:01:02.244669+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394750"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: Curl out of bounds read for cookie path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "RHBZ#2394750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.html",
"url": "https://curl.se/docs/CVE-2025-9086.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.json",
"url": "https://curl.se/docs/CVE-2025-9086.json"
},
{
"category": "external",
"summary": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6",
"url": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3294999",
"url": "https://hackerone.com/reports/3294999"
}
],
"release_date": "2025-09-12T05:10:03.815000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: libcurl: Curl out of bounds read for cookie path"
},
{
"cve": "CVE-2025-9820",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-09-02T10:00:18.839000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Low, since exploitation requires local access or a malicious PKCS#11 token. While the impact is limited to denial of service or potential code execution in constrained scenarios, the vulnerability stems from a lack of proper bounds checking during token label handling in GnuTLS. Users should treat this as a security concern in environments where untrusted tokens may be introduced.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9820"
},
{
"category": "external",
"summary": "RHBZ#2392528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9820"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5",
"url": "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1732",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1732"
},
{
"category": "external",
"summary": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18",
"url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18"
}
],
"release_date": "2025-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. Applying the upstream patch or vendor-supplied security update is the recommended resolution.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function"
},
{
"cve": "CVE-2025-11187",
"cwe": {
"id": "CWE-233",
"name": "Improper Handling of Parameters"
},
"discovery_date": "2026-01-16T14:21:50.559000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. It affects OpenSSL versions 3.6, 3.5, and 3.4, where improper validation of PBMAC1 parameters in PKCS#12 MAC verification can lead to a stack buffer overflow or NULL pointer dereference. Exploitation requires an application to process a maliciously crafted PKCS#12 file, which is uncommon as these files are typically trusted. OpenSSL versions 3.3, 3.0, 1.1.1, and 1.0.2 are not affected as they do not support PBMAC1 in PKCS#12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "RHBZ#2430375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted PKCS#12 files. Applications should only handle PKCS#12 files from trusted sources, as these files are typically used for storing private keys and are expected to be secure.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file"
},
{
"cve": "CVE-2025-12084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-03T19:01:03.489250+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418655"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products as it can lead to a denial of service. The flaw exists in the `xml.dom.minidom` module of cpython, where a quadratic algorithm in methods like `appendChild()` can be triggered when processing excessively nested XML documents. When successfully exploited this may impact the availability of applications utilizing this functionality across affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "RHBZ#2418655",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418655"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/142145",
"url": "https://github.com/python/cpython/issues/142145"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/142146",
"url": "https://github.com/python/cpython/pull/142146"
}
],
"release_date": "2025-12-03T18:55:32.222000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service"
},
{
"cve": "CVE-2025-13836",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-01T19:01:03.091899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into memory, potentially causing memory allocations errors, swapping, out-of-memory conditions or even system freezes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Excessive read buffering DoS in http.client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploited by Python applications using the http.client.HTTPResponse.read function without the amount parameter, which specifies the read size in bytes. Note that Python libraries may use this function internally and make applications vulnerable. Additionally, vulnerable Python applications must connect to a malicious or compromised server that replies with a very large or crafted Content-Length header to trigger this issue, limiting the exposure of this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "RHBZ#2418078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/119451",
"url": "https://github.com/python/cpython/issues/119451"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/119454",
"url": "https://github.com/python/cpython/pull/119454"
}
],
"release_date": "2025-12-01T18:02:38.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Since this vulnerability is triggered when no read amount is specified and the client defaults to using the potentially malicious Content-Length header, developers can mitigate this issue in their code by always imposing an explicit, safe limit on data reads.\n\nApplications using the http.client.HTTPResponse.read function directly can ensure that read operations specify a byte limit:\n\n~~~\n...\nmax_safe_read = 10 * 1024 * 1024\ndata = response.read(max_safe_read)\n...\n~~~",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Excessive read buffering DoS in http.client"
},
{
"cve": "CVE-2025-14104",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-05T14:16:36.004000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419369"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "RHBZ#2419369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104"
}
],
"release_date": "2025-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames"
},
{
"cve": "CVE-2025-14831",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-12-17T14:48:30.222000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423177"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. GnuTLS is susceptible to a denial of service attack due to excessive CPU and memory consumption. This occurs when processing specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs) during certificate verification.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14831"
},
{
"category": "external",
"summary": "RHBZ#2423177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14831"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1773",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"
}
],
"release_date": "2026-02-09T14:26:34.939000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification"
},
{
"cve": "CVE-2025-15281",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2026-01-20T14:01:12.320264+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431196"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glibc. When the wordexp function is called with the flags WRDE_REUSE and WRDE_APPEND, it may return uninitialized memory. If the caller inspects the we_wordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to find an application linked to the glibc library that is using the wordexp function with the flags WRDE_REUSE and WRDE_APPEND. Also, calls to wordexp using both flags never worked correctly and thus the existence of applications that make use of this feature is unlikely. There is no known application vulnerable to this issue.\n\nFurthermore, this flaw will result in a denial of service with no other security impact.\n\nDue to these reasons, this vulnerability has been rated with a low severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15281"
},
{
"category": "external",
"summary": "RHBZ#2431196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431196"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15281"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33814",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33814"
}
],
"release_date": "2026-01-20T13:22:46.495000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this issue, consider refactoring the use of the wordexp function to not use the WRDE_REUSE and WRDE_APPEND flags together.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory"
},
{
"cve": "CVE-2025-15366",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2026-01-20T22:01:33.257688+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431368"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: IMAP command injection in user-controlled commands",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to have the privileges required to send malicious input to an application that sends IMAP commands to a server. Additionally, this flaw can allow attackers to manipulate the state of the mailbox (e.g., delete emails, move folders, flag messages) and to potentially read metadata or specific email content, but it does not allow arbitrary code execution or OS command injection. Due to these reasons, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15366"
},
{
"category": "external",
"summary": "RHBZ#2431368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15366"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143921",
"url": "https://github.com/python/cpython/issues/143921"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143922",
"url": "https://github.com/python/cpython/pull/143922"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/"
}
],
"release_date": "2026-01-20T21:40:24.938000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, ensure that no data passed to the imaplib module contains newline or carriage return characters.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: IMAP command injection in user-controlled commands"
},
{
"cve": "CVE-2025-15367",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2026-01-20T22:02:09.399038+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431373"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: POP3 command injection in user-controlled commands",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to have the privileges required to send malicious input to an application that sends POP3 commands to a server. Additionally, this flaw can allow attackers to manipulate the state of the mailbox (e.g., delete emails) and to potentially read metadata or specific email content, but it does not allow arbitrary code execution or OS command injection. Due to these reasons, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15367"
},
{
"category": "external",
"summary": "RHBZ#2431373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15367",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15367"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143923",
"url": "https://github.com/python/cpython/issues/143923"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143924",
"url": "https://github.com/python/cpython/pull/143924"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/"
}
],
"release_date": "2026-01-20T21:47:09.885000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, ensure that no data passed to the poplib module contains newline or carriage return characters.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: POP3 command injection in user-controlled commands"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-15468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:51.062000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The NULL pointer dereference in the `SSL_CIPHER_find()` function, affecting OpenSSL versions 3.3, 3.4, 3.5, and 3.6, occurs only when applications utilizing the QUIC protocol uncommonly invoke this function from the `client_hello_cb` callback with an unknown cipher ID. This specific usage pattern and the resulting Denial of Service limit the overall impact in the Red Hat context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "RHBZ#2430377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling"
},
{
"cve": "CVE-2025-15469",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-16T14:21:51.411000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The flaw affects the `openssl dgst` command-line tool when used with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) on files larger than 16MB. Impact is limited as it requires both signing and verification to be performed using the affected command, and verifiers using library APIs are not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "RHBZ#2430378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `openssl dgst` command with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) for files larger than 16MB. Instead, utilize streaming digest algorithms with `openssl dgst` or use library APIs for signing and verification, as these are not affected by the truncation vulnerability. Users should ensure that input files for one-shot signing/verification with `openssl dgst` do not exceed 16MB.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-66199",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T14:21:51.739000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in OpenSSL 3.3, 3.4, 3.5, and 3.6 allows an attacker to cause excessive memory allocation during TLS 1.3 handshake with certificate compression, potentially leading to a Denial of Service. This affects both clients and servers in mutual TLS scenarios where certificate compression is negotiated. Servers not requesting client certificates are not vulnerable to client-initiated attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "RHBZ#2430379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the reception of compressed certificates by setting the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option in OpenSSL configurations. This will prevent the vulnerable code path from being exercised.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression"
},
{
"cve": "CVE-2025-68160",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-16T14:21:52.088000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430380"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The `BIO_f_linebuffer` filter, where this heap out-of-bounds write occurs, is not used by default in TLS/SSL data paths within Red Hat products. Exploitation requires third-party applications to explicitly use this filter with a BIO chain that can short-write and process large, newline-free data influenced by an attacker, which is an unlikely scenario under attacker control. Red Hat FIPS modules are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "RHBZ#2430380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter"
},
{
"cve": "CVE-2025-69418",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-16T14:21:52.438000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. In the Red Hat context, impact is limited because typical OpenSSL consumers using higher-level EVP APIs are not affected. The flaw only manifests when applications directly call low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in hardware-accelerated builds. Additionally, TLS does not use OCB ciphersuites, and FIPS modules are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "RHBZ#2430381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-01-16T14:21:52.793000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in OpenSSL\u0027s PKCS12_get_friendlyname() function can lead to denial of service or arbitrary code execution. Exploitation requires an application to parse a specially crafted malicious PKCS#12 file. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "RHBZ#2430386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat recommends avoiding the processing of PKCS#12 files from untrusted or unverified sources. Applications that use the `PKCS12_get_friendlyname()` API should ensure that PKCS#12 files are only processed if they originate from trusted entities. Restricting the input sources for PKCS#12 files can significantly reduce the attack surface for this flaw.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing"
},
{
"cve": "CVE-2025-69420",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.497000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the TimeStamp Response verification code can lead to a Denial of Service when processing a specially crafted TimeStamp Response. Exploitation requires an application to call `TS_RESP_verify_response()` with a malformed response, and the TimeStamp protocol (RFC 3161) is not widely used. Red Hat FIPS modules are not affected as the TimeStamp Response implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "RHBZ#2430388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response"
},
{
"cve": "CVE-2025-69421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:53.845000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat because it requires an application to process a specially crafted, malformed PKCS#12 file, leading to a Denial of Service. The vulnerability is limited to a crash and cannot be escalated to achieve code execution or memory disclosure. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "RHBZ#2430387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Restrict applications from processing untrusted or externally supplied PKCS#12 files, ensuring certificates are sourced only from trusted internal authorities. Additionally, configure critical background services with automatic restart policies (such as systemd\u0027s Restart=on-failure) to quickly restore availability if a denial-of-service crash occurs.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing"
},
{
"cve": "CVE-2026-0861",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-01-14T22:01:10.975595+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429771"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the glibc library. Passing an excessively large alignment value to the memalign suite of functions, such as memalign, posix_memalign, aligned_alloc, valloc and pvalloc, an integer overflow can occur during internal size calculations due to improper overflow checks, causing an allocation of a small chunk of memory which is subsequently used for writing. This issue can result in an application crash or heap memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: Integer overflow in memalign leads to heap corruption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to find an application linked to the glibc library that is using one of the vulnerable functions (memalign, posix_memalign, aligned_alloc, valloc or pvalloc) in a way that the alignment parameter can be user-controlled, allowing an attacker to trigger the integer overflow. However, the alignment parameter used by the functions is usually hard-coded power of two and do not allow arbitrary values, specially values supplied by a user. There is no known application vulnerable to this issue.\n\nAlso, default Red Hat Enterprise Linux security features, including SELinux enforcement, Address Space Layout Randomization (ASLR) and memory protections significantly increase the difficult of achieving arbitrary code execution, limiting the impact of this vulnerability.\n\nDue to these reasons, this vulnerability has been rated with a low severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0861"
},
{
"category": "external",
"summary": "RHBZ#2429771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0861"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33796",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33796"
}
],
"release_date": "2026-01-14T21:01:11.037000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Applications calling one of the vulnerable functions and allowing the alignment parameter to be set by user-controlled input can implement additional validations checks, ensuring the alignment value is a power of two and does not exceed a sane limit, for example the system page size or a maximum of 64KB. This prevents the excessively large value required to trigger the integer overflow.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glibc: Integer overflow in memalign leads to heap corruption"
},
{
"cve": "CVE-2026-0865",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2026-01-20T22:01:26.694713+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431367"
}
],
"notes": [
{
"category": "description",
"text": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: wsgiref.headers.Headers allows header newline injection in Python",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0865"
},
{
"category": "external",
"summary": "RHBZ#2431367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143916",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143917",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
}
],
"release_date": "2026-01-20T21:26:15.274000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: wsgiref.headers.Headers allows header newline injection in Python"
},
{
"cve": "CVE-2026-0915",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2026-01-15T23:01:26.157678+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430201"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glibc, the GNU C Library. When an application calls the `getnetbyaddr` or `getnetbyaddr_r` functions to resolve a network address, and the system\u0027s `nsswitch.conf` file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can lead to the disclosure of stack memory contents. This information is leaked to the configured DNS resolver, potentially allowing an attacker who controls the resolver to gain sensitive data from the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: glibc: Information disclosure via zero-valued network query",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. It allows for information disclosure of stack contents to a configured DNS resolver when an application utilizes `getnetbyaddr` or `getnetbyaddr_r` with a DNS backend specified in `nsswitch.conf` for a zero-valued network query. This affects Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0915"
},
{
"category": "external",
"summary": "RHBZ#2430201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0915"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33802",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33802"
}
],
"release_date": "2026-01-15T22:08:41.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glibc: glibc: Information disclosure via zero-valued network query"
},
{
"cve": "CVE-2026-1299",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-01-23T17:02:57.343486+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules, allowing an attacker to inject email headers and potentially modify message recipients or the email body, and spoof sender information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: email header injection due to unquoted newlines",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploitable by Python applications using the LiteralHeader class to write email headers, as it does not respect email folding rules. Additionally, this issue allows attackers to modify message recipients or the email body and spoof sender identity but it does not cause memory corruption or arbitrary code execution. Due to these reasons, this vulnerability has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1299"
},
{
"category": "external",
"summary": "RHBZ#2432437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1299"
},
{
"category": "external",
"summary": "https://cve.org/CVERecord?id=CVE-2024-6923",
"url": "https://cve.org/CVERecord?id=CVE-2024-6923"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413",
"url": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/144125",
"url": "https://github.com/python/cpython/issues/144125"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/144126",
"url": "https://github.com/python/cpython/pull/144126"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/"
}
],
"release_date": "2026-01-23T16:27:13.346000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications accepting user-supplied data for email headers should sanitize the input by stripping or rejecting any strings containing carriage return or line feed characters, \u0027\\r\u0027 or \u0027\\n\u0027, respectively, preventing malicious sequences that could lead to header manipulation.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: email header injection due to unquoted newlines"
},
{
"cve": "CVE-2026-1642",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2026-02-04T16:00:52.156255+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security (TLS) servers, An attacker with a man-in-the-middle (MITM) position on the upstream server side\u2014along with conditions beyond the attacker\u0027s control\u2014may be able to inject plain text data into the response from an upstream proxied server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1642"
},
{
"category": "external",
"summary": "RHBZ#2436738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1642"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000159824",
"url": "https://my.f5.com/manage/s/article/K000159824"
}
],
"release_date": "2026-02-04T15:02:06.154000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections"
},
{
"cve": "CVE-2026-2003",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-12T14:01:21.557882+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439322"
}
],
"notes": [
{
"category": "description",
"text": "A type validation flaw has been discovered in postgresql. Improper validation of the type \"oidvector\" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: PostgreSQL oidvector discloses a few bytes of memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2003"
},
{
"category": "external",
"summary": "RHBZ#2439322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2003"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2026-2003/",
"url": "https://www.postgresql.org/support/security/CVE-2026-2003/"
}
],
"release_date": "2026-02-12T13:00:06.108000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: PostgreSQL oidvector discloses a few bytes of memory"
},
{
"cve": "CVE-2026-2004",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-12T14:01:31.249026+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439325"
}
],
"notes": [
{
"category": "description",
"text": "A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2004"
},
{
"category": "external",
"summary": "RHBZ#2439325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439325"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2004"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2026-2004/",
"url": "https://www.postgresql.org/support/security/CVE-2026-2004/"
}
],
"release_date": "2026-02-12T13:00:08.857000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code"
},
{
"cve": "CVE-2026-2005",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-02-12T14:01:34.491431+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439326"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the `pgcrypto` component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2005"
},
{
"category": "external",
"summary": "RHBZ#2439326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2005"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2026-2005/",
"url": "https://www.postgresql.org/support/security/CVE-2026-2005/"
}
],
"release_date": "2026-02-12T13:00:09.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code"
},
{
"cve": "CVE-2026-2006",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-12T14:01:27.485498+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439324"
}
],
"notes": [
{
"category": "description",
"text": "Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2006"
},
{
"category": "external",
"summary": "RHBZ#2439324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2006"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2026-2006/",
"url": "https://www.postgresql.org/support/security/CVE-2026-2006/"
}
],
"release_date": "2026-02-12T13:00:10.490000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code"
},
{
"cve": "CVE-2026-22795",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.146000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430389"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. An application processing a maliciously crafted PKCS#12 file can be caused to dereference an invalid or NULL pointer, resulting in a Denial of Service. In the Red Hat context, impact is limited as PKCS#12 files are typically used for trusted private keys and are not commonly accepted from untrusted sources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "RHBZ#2430389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing"
},
{
"cve": "CVE-2026-22796",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-01-16T14:43:21.598000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430390"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the legacy PKCS#7 API can lead to a Denial of Service when processing specially crafted PKCS#7 data. Exploitation requires an application to perform signature verification of malformed PKCS#7 data. Red Hat products utilizing the FIPS module are not affected as the PKCS#7 parsing is outside the module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "RHBZ#2430390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification"
},
{
"cve": "CVE-2026-23490",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T20:03:33.790513+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430472"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23490"
},
{
"category": "external",
"summary": "RHBZ#2430472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970",
"url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2",
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq",
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
}
],
"release_date": "2026-01-16T19:03:36.442000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-18T16:24:32+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:200c27e9b396276bd505c6b41127ac5eb1d94d620172cb818ae733f2a21ac524_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:d98fd3fe5f5f9acd0efae7db19b61b864be1eb2fbe2586a1b6be2429fa2cc7a3_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:2c50c87906a1abebf427a70f401c409f1258cb55d2096f517db870ec991cfd7f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:5f1fbf66fb349a7baf066a1216d39989c3b89f18ec5108b96d9643baf4856778_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID"
}
]
}
RHSA-2026:6481
Vulnerability from csaf_redhat - Published: 2026-04-02 16:17 - Updated: 2026-06-30 01:58A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated service-interconnect container images are now available for Service Interconnect 1.8 for RHEL 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Users of service-interconnect 1.8 rhel9 container images are advised\nto upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. \nUsers of these images are also encouraged to rebuild all container images that depend on these images.\nYou can find images updated by this advisory in the Red Hat Container Catalog",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6481",
"url": "https://access.redhat.com/errata/RHSA-2026:6481"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "2446453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446453"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6481.json"
}
],
"title": "Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8",
"tracking": {
"current_release_date": "2026-06-30T01:58:57+00:00",
"generator": {
"date": "2026-06-30T01:58:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:6481",
"initial_release_date": "2026-04-02T16:17:10+00:00",
"revision_history": [
{
"date": "2026-04-02T16:17:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-02T16:17:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T01:58:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Service Interconnect 1",
"product": {
"name": "Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_interconnect:1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Service Interconnect"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.6-5"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.8-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.6-5"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.8-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.6-5"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.8-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.6-5"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.8-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.8-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T16:17:10+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6481"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T16:17:10+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6481"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9066ce6dbb603fddd2e0f0cce572149959964e053edfee3790c09b0a0c9ac9cd_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:92675024ae62bb66fa3dc511006cc13036602e8217b28ab0c62047c9779cf903_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:c04fc92b80a97a96a70144bf945a37e61453bdada7fe509ee4d48fff7f658ada_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:cb65975cb9979fab93a247c75cd4f68741f3a552aea964d2169be14c720f4230_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:0ff71337912bc711345e420e1c95d0751feb252694da1a9dacb2324cc05174a5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:3b5d04aae3534524e2d1c995355b4c910af147d81b6b3bb8de96bdd618471473_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c334431860215340856ec10941615db01136d7c88f7cbfde25e3261f4b6335b6_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:c3ef2d2a06681cd724fc9f296bf0c4a84ff38f04a89b849865f034f54f7c6255_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:4fce2c3d5f9b147e83025cbd35666ef4b254eb56e9c03238bfbeafbe2fa525d0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:5fb00b9d9764c0c30e45d75825ba1beeca93f4a8f1e8ef2a83e92777bfeefba1_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8f686adead014c6cc191b8188e13655b0799c067ee2b1344701ce4d2527b3341_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:c98f080d47d479240888d76ad5b8f9f52595f4e55466830a033ed7645b3db25d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7f5d904a15b9833540d72d80ddb1edd1dda71e803e5b81be45b84a4a092261f8_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:9a1a5f4d8ab78b4e9f9904a1a22d8a5a29b9c50a4f482ab9ad372791c5b1752e_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:14fcf922c5f1b03eff3720aaec68db4ea7390114a2b90a5ab18d5b65b9cab976_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:6281bb245d691108228f096e2815100b95de53a6479f1b81a28a32d406e0dcef_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:75410f493caf95e63fc783b5ee38f2c117679dd37912daa9df292062da2c158a_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:e74fed9f261838c3bf47cd0a372cbdc9dd88bff085d86c6bb97efb3ffd5d1564_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:305200aa9738c5ca0f68bde6c804cf34c5ce3b456c2e2ce5dd84d1196e9187f7_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:43d2c3b4409ae05e0e6e33d9fcd886c9dba3c544cd6a432a6c9c01650cc7975c_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:cd7ffc1d388a67aef5476ed87326893e41c82836d6fcb3f4669675affafa3ab2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:fbf9bcc72859d1897aeeaa01aff7a6c826039a4462df04164ae791cf0b7f2837_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:034ceaf007c5a011f10400ba96072a3d881fe9ed3d4c44c748157a1ce718256d_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:528e5839cd63d99d24310f3849428de552ec967f3e2a59ad564b79e01c2b5bf4_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:768758a2718d7b22970ecea2a431b503363fb3c9019377e6e6e5a669bd1ba10c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9d82e699465f5823af52ec205c4038d8384baac438840c5e53d5d480e078607d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
}
]
}
RHSA-2026:7261
Vulnerability from csaf_redhat - Published: 2026-04-09 08:50 - Updated: 2026-06-30 01:59A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL SM2 algorithm implementation on 64-bit ARM platforms. This vulnerability allows recovery of the private key via timing side-channel analysis during signature computations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.
CWE-125 - Out-of-bounds Read| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. This vulnerability could lead to data corruption, application crashes, or, in severe cases, arbitrary code execution. This issue is highly specific and uncommon, as it only affects clients using both PKIX-TA(0)/PKIX-EE(1) and DANE-TA(2) certificate usages and communicating with a server publishing a TLSA record set with both types of records.
CWE-1341 - Multiple Releases of Same Resource or Handle| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:openssl-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:openssl-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7261",
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9232",
"url": "https://access.redhat.com/security/cve/CVE-2025-9232"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9231",
"url": "https://access.redhat.com/security/cve/CVE-2025-9231"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11187",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69421",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69420",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69419",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69418",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68160",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66199",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15469",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15468",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31790",
"url": "https://access.redhat.com/security/cve/CVE-2026-31790"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31789",
"url": "https://access.redhat.com/security/cve/CVE-2026-31789"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28389",
"url": "https://access.redhat.com/security/cve/CVE-2026-28389"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28388",
"url": "https://access.redhat.com/security/cve/CVE-2026-28388"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28387",
"url": "https://access.redhat.com/security/cve/CVE-2026-28387"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28386",
"url": "https://access.redhat.com/security/cve/CVE-2026-28386"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28390",
"url": "https://access.redhat.com/security/cve/CVE-2026-28390"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22795",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2673",
"url": "https://access.redhat.com/security/cve/CVE-2026-2673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22796",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7261.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-06-30T01:59:00+00:00",
"generator": {
"date": "2026-06-30T01:59:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:7261",
"initial_release_date": "2026-04-09T08:50:10+00:00",
"revision_history": [
{
"date": "2026-04-09T08:50:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-18T20:01:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T01:59:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-main@aarch64",
"product": {
"name": "openssl-main@aarch64",
"product_id": "openssl-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.5.6-0.1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-main@src",
"product": {
"name": "openssl-main@src",
"product_id": "openssl-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.5.6-0.1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-main@x86_64",
"product": {
"name": "openssl-main@x86_64",
"product_id": "openssl-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.5.6-0.1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:openssl-main@aarch64"
},
"product_reference": "openssl-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:openssl-main@src"
},
"product_reference": "openssl-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:openssl-main@x86_64"
},
"product_reference": "openssl-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9231",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-17T12:18:12.109000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396055"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL SM2 algorithm implementation on 64-bit ARM platforms. This vulnerability allows recovery of the private key via timing side-channel analysis during signature computations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Timing side-channel in SM2 algorithm on 64 bit ARM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while it could enable recovery of private keys through timing side-channel analysis on 64-bit ARM platforms, successful exploitation requires high-precision timing measurements and a specialized attack setup. OpenSSL does not natively support SM2 certificates in TLS, limiting the exposure in common use cases. The issue only becomes relevant in custom provider contexts where SM2 is enabled, further reducing the likelihood of widespread impact. Therefore, although the confidentiality impact is high if exploited, the practical attack complexity and limited applicability justify a Moderate severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9231"
},
{
"category": "external",
"summary": "RHBZ#2396055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396055"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9231",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9231"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Timing side-channel in SM2 algorithm on 64 bit ARM"
},
{
"cve": "CVE-2025-9232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:21:09.388000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL HTTP client API no_proxy handling. This vulnerability allows an application level denial of service (application crash) via an attacker-controlled IPv6 URL when the no_proxy environment variable is set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read in HTTP client no_proxy handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Low severity because exploitation requires a very specific set of conditions: the application must pass an attacker-controlled IPv6 URL to the OpenSSL HTTP client functions, and the no_proxy environment variable must be set by the user. Even under these conditions, the issue can only lead to an out-of-bounds read resulting in a crash, causing an application level denial of service. There is no potential for information disclosure or remote code execution. Additionally, typical use cases of the OpenSSL HTTP client (e.g., in OCSP or CMP) do not involve attacker-controlled URLs, which further reduces the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9232"
},
{
"category": "external",
"summary": "RHBZ#2396056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9232",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9232"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: Out-of-bounds read in HTTP client no_proxy handling"
},
{
"cve": "CVE-2025-11187",
"cwe": {
"id": "CWE-233",
"name": "Improper Handling of Parameters"
},
"discovery_date": "2026-01-16T14:21:50.559000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. It affects OpenSSL versions 3.6, 3.5, and 3.4, where improper validation of PBMAC1 parameters in PKCS#12 MAC verification can lead to a stack buffer overflow or NULL pointer dereference. Exploitation requires an application to process a maliciously crafted PKCS#12 file, which is uncommon as these files are typically trusted. OpenSSL versions 3.3, 3.0, 1.1.1, and 1.0.2 are not affected as they do not support PBMAC1 in PKCS#12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "RHBZ#2430375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted PKCS#12 files. Applications should only handle PKCS#12 files from trusted sources, as these files are typically used for storing private keys and are expected to be secure.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-15468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:51.062000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The NULL pointer dereference in the `SSL_CIPHER_find()` function, affecting OpenSSL versions 3.3, 3.4, 3.5, and 3.6, occurs only when applications utilizing the QUIC protocol uncommonly invoke this function from the `client_hello_cb` callback with an unknown cipher ID. This specific usage pattern and the resulting Denial of Service limit the overall impact in the Red Hat context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "RHBZ#2430377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling"
},
{
"cve": "CVE-2025-15469",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-16T14:21:51.411000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The flaw affects the `openssl dgst` command-line tool when used with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) on files larger than 16MB. Impact is limited as it requires both signing and verification to be performed using the affected command, and verifiers using library APIs are not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "RHBZ#2430378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `openssl dgst` command with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) for files larger than 16MB. Instead, utilize streaming digest algorithms with `openssl dgst` or use library APIs for signing and verification, as these are not affected by the truncation vulnerability. Users should ensure that input files for one-shot signing/verification with `openssl dgst` do not exceed 16MB.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation"
},
{
"cve": "CVE-2025-66199",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T14:21:51.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in OpenSSL 3.3, 3.4, 3.5, and 3.6 allows an attacker to cause excessive memory allocation during TLS 1.3 handshake with certificate compression, potentially leading to a Denial of Service. This affects both clients and servers in mutual TLS scenarios where certificate compression is negotiated. Servers not requesting client certificates are not vulnerable to client-initiated attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "RHBZ#2430379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the reception of compressed certificates by setting the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option in OpenSSL configurations. This will prevent the vulnerable code path from being exercised.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression"
},
{
"cve": "CVE-2025-68160",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-16T14:21:52.088000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430380"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The `BIO_f_linebuffer` filter, where this heap out-of-bounds write occurs, is not used by default in TLS/SSL data paths within Red Hat products. Exploitation requires third-party applications to explicitly use this filter with a BIO chain that can short-write and process large, newline-free data influenced by an attacker, which is an unlikely scenario under attacker control. Red Hat FIPS modules are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "RHBZ#2430380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter"
},
{
"cve": "CVE-2025-69418",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-16T14:21:52.438000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. In the Red Hat context, impact is limited because typical OpenSSL consumers using higher-level EVP APIs are not affected. The flaw only manifests when applications directly call low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in hardware-accelerated builds. Additionally, TLS does not use OCB ciphersuites, and FIPS modules are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "RHBZ#2430381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-01-16T14:21:52.793000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in OpenSSL\u0027s PKCS12_get_friendlyname() function can lead to denial of service or arbitrary code execution. Exploitation requires an application to parse a specially crafted malicious PKCS#12 file. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "RHBZ#2430386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat recommends avoiding the processing of PKCS#12 files from untrusted or unverified sources. Applications that use the `PKCS12_get_friendlyname()` API should ensure that PKCS#12 files are only processed if they originate from trusted entities. Restricting the input sources for PKCS#12 files can significantly reduce the attack surface for this flaw.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing"
},
{
"cve": "CVE-2025-69420",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.497000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the TimeStamp Response verification code can lead to a Denial of Service when processing a specially crafted TimeStamp Response. Exploitation requires an application to call `TS_RESP_verify_response()` with a malformed response, and the TimeStamp protocol (RFC 3161) is not widely used. Red Hat FIPS modules are not affected as the TimeStamp Response implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "RHBZ#2430388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response"
},
{
"cve": "CVE-2025-69421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:53.845000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat because it requires an application to process a specially crafted, malformed PKCS#12 file, leading to a Denial of Service. The vulnerability is limited to a crash and cannot be escalated to achieve code execution or memory disclosure. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "RHBZ#2430387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Restrict applications from processing untrusted or externally supplied PKCS#12 files, ensuring certificates are sourced only from trusted internal authorities. Additionally, configure critical background services with automatic restart policies (such as systemd\u0027s Restart=on-failure) to quickly restore availability if a denial-of-service crash occurs.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing"
},
{
"cve": "CVE-2026-2673",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-03-13T14:01:14.098405+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447327"
}
],
"notes": [
{
"category": "description",
"text": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client\u0027s initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of this flaw is limited to the choice of key agreement groups in a specific TLS connection. While a less a preferred key agreement group may allow for a connection to lack post-quantum protection, it is important to know that the connection will still be encrypted with a secure classical cipher and that the degradation of the cipher is limited to the active connection and is not a persistent degradation. Groups which the server operator has disallowed will not be used and it may be the case that the client and server fail to agree upon a key exchange group which would prevent the offending client from constructing a TLS connection.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2673"
},
{
"category": "external",
"summary": "RHBZ#2447327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2673"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f",
"url": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34",
"url": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260313.txt",
"url": "https://openssl-library.org/news/secadv/20260313.txt"
}
],
"release_date": "2026-03-13T13:23:00.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group"
},
{
"cve": "CVE-2026-22795",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.146000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430389"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. An application processing a maliciously crafted PKCS#12 file can be caused to dereference an invalid or NULL pointer, resulting in a Denial of Service. In the Red Hat context, impact is limited as PKCS#12 files are typically used for trusted private keys and are not commonly accepted from untrusted sources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "RHBZ#2430389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing"
},
{
"cve": "CVE-2026-22796",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-01-16T14:43:21.598000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430390"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the legacy PKCS#7 API can lead to a Denial of Service when processing specially crafted PKCS#7 data. Exploitation requires an application to perform signature verification of malformed PKCS#7 data. Red Hat products utilizing the FIPS module are not affected as the PKCS#7 parsing is outside the module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "RHBZ#2430390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification"
},
{
"cve": "CVE-2026-28386",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-03-25T02:58:58.647000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: openssl: Denial of Service due to out-of-bounds read in AES-CFB128",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has a Moderate impact on Red Hat products. It affects applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES, potentially leading to a Denial of Service due to an out-of-bounds read when processing partial cipher blocks under specific memory conditions. The CFB mode is not employed in widely used protocols such as TLS/DTLS, which limits the applicability of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28386"
},
{
"category": "external",
"summary": "RHBZ#2451099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28386"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: openssl: Denial of Service due to out-of-bounds read in AES-CFB128"
},
{
"cve": "CVE-2026-28387",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-03-25T02:59:08.773000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451098"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. This vulnerability could lead to data corruption, application crashes, or, in severe cases, arbitrary code execution. This issue is highly specific and uncommon, as it only affects clients using both PKIX-TA(0)/PKIX-EE(1) and DANE-TA(2) certificate usages and communicating with a server publishing a TLSA record set with both types of records.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Low impact vulnerability affects clients performing DANE TLSA-based server authentication only when configured with an uncommon combination of PKIX-TA(0/PKIX-EE(1) and DANE-TA(2) certificate usages. Most common SMTP MTA deployments are not vulnerable as they are recommended to treat PKIX certificate usages as unusable. Exploitation also requires communication with a server publishing a TLSA RRset with both types of records.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28387"
},
{
"category": "external",
"summary": "RHBZ#2451098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451098"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28387"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication"
},
{
"cve": "CVE-2026-28388",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-25T02:59:08.771000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Low impact. This vulnerability in X.509 certificate verification can lead to a Denial of Service (DoS) due to a NULL pointer dereference when processing a malformed delta Certificate Revocation List (CRL). Exploitation requires the `X509_V_FLAG_USE_DELTAS` flag to be enabled in the verification context, a certificate with a `freshestCRL` extension or a base CRL with `EXFLAG_FRESHEST` set, and an attacker-provided malformed CRL. This flaw is limited to DoS and does not allow for code execution or memory disclosure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28388"
},
{
"category": "external",
"summary": "RHBZ#2451097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28388"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that delta CRL processing is not enabled in applications that do not require it. This vulnerability is only exploitable when the `X509_V_FLAG_USE_DELTAS` flag is explicitly set within the X.509 verification context. Review application configurations to confirm that this flag is not enabled unless absolutely necessary for your security policy. Disabling this flag will prevent the vulnerable code path from being exercised. Specific implementation details will vary depending on the application utilizing X.509 certificate verification.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing"
},
{
"cve": "CVE-2026-28389",
"cwe": {
"id": "CWE-166",
"name": "Improper Handling of Missing Special Element"
},
"discovery_date": "2026-03-25T02:59:08.822000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451096"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service vulnerability in CMS processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Low impact flaw affects applications processing Cryptographic Message Syntax (CMS) data, specifically crafted CMS EnvelopedData messages with KeyAgreeRecipientInfo. A NULL pointer dereference can occur if the optional parameters field of KeyEncryptionAlgorithmIdentifier is missing, leading to a Denial of Service. Red Hat products are vulnerable if they call `CMS_decrypt()` or `PKCS7_decrypt()` on untrusted input, such as in S/MIME processing or CMS-based protocols.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28389"
},
{
"category": "external",
"summary": "RHBZ#2451096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28389"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted CMS EnvelopedData messages with KeyAgreeRecipientInfo. Restrict network access to services that process CMS data from untrusted sources. If possible, configure applications to only accept CMS data from trusted origins. This operational control helps reduce exposure to the vulnerability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service vulnerability in CMS processing"
},
{
"cve": "CVE-2026-28390",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-04-07T23:01:18.313921+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456314"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been rated as moderate by redhat because the vulnerability is limited to a denial-of-service condition caused by a NULL pointer dereference in OpenSSL CMS processing, without evidence of memory corruption or code execution, furthermore the Affected functionality is niche. The vulnerable path requires:\nCMS/S/MIME processing,\nspecifically CMS_decrypt(),\nwith RSA-OAEP KeyTransportRecipientInfo.\nMany OpenSSL consumers never use CMS APIs, never process S/MIME,\nor do not decrypt attacker-controlled CMS objects.\nSo exposure is far narrower than a generic TLS parsing vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28390"
},
{
"category": "external",
"summary": "RHBZ#2456314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456314"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28390",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28390"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc",
"url": "https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6",
"url": "https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4",
"url": "https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788",
"url": "https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75",
"url": "https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T22:00:54.172000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Applications that process Cryptographic Message Syntax (CMS) EnvelopedData messages should be configured to only accept input from trusted sources. Restricting network access to services that process untrusted CMS data can also reduce exposure to this Denial of Service vulnerability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing"
},
{
"cve": "CVE-2026-31789",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-25T02:59:09.213000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue has a Low impact. The vulnerability affects 32-bit systems and requires an application or service to process an unusually large X.509 certificate (over 1 Gigabyte) by printing or logging its contents. This specific condition makes exploitation unlikely in typical Red Hat environments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31789"
},
{
"category": "external",
"summary": "RHBZ#2451095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31789"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing or logging untrusted X.509 certificates, particularly those with unusually large OCTET STRING values. Restricting the source of X.509 certificates to trusted entities can reduce exposure to this vulnerability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing"
},
{
"cve": "CVE-2026-31790",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2026-03-25T02:59:10.179000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451094"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without proper validation. Consequently, the application might send the contents of an uninitialized memory buffer, which could contain confidential information, to the attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. This flaw affects applications utilizing RSASVE key encapsulation, where an attacker-supplied invalid RSA public key is used with EVP_PKEY_encapsulate() without prior validation. This can lead to the disclosure of sensitive, uninitialized memory buffer contents to a malicious peer.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31790"
},
{
"category": "external",
"summary": "RHBZ#2451094",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451094"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31790"
},
{
"category": "external",
"summary": "https://openssl-library.org/news/secadv/20260407.txt",
"url": "https://openssl-library.org/news/secadv/20260407.txt"
}
],
"release_date": "2026-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T08:50:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:openssl-main@aarch64",
"Red Hat Hardened Images:openssl-main@src",
"Red Hat Hardened Images:openssl-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key"
}
]
}
SSA-434797
Vulnerability from csaf_siemens - Published: 2026-06-09 00:00 - Updated: 2026-06-09 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
AI Lightweight Inference Server
Siemens / AI Lightweight Inference Server
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
Connector for Azure
Siemens / Connector for Azure
|
vers:intdot/<1.8.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
Databus
Siemens / Databus
|
vers:intdot/<3.3.2 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
HiMed Cockpit
Siemens / HiMed Cockpit
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
6GK6108-4AM00-2BA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
6GK6108-4AM00-2DA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE LPE9403 (6GK5998-3GS00-2AC2)
Siemens / SCALANCE LPE9403 (6GK5998-3GS00-2AC2)
|
6GK5998-3GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE LPE9413 (6GK5998-3GS01-2AC2)
Siemens / SCALANCE LPE9413 (6GK5998-3GS01-2AC2)
|
6GK5998-3GS01-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
No Fix Planned
|
|
SCALANCE LPE9433 (6GK5998-3GS11-2AC2)
Siemens / SCALANCE LPE9433 (6GK5998-3GS11-2AC2)
|
6GK5998-3GS11-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
No Fix Planned
|
|
SCALANCE M804PB (6GK5804-0AP00-2AA2)
Siemens / SCALANCE M804PB (6GK5804-0AP00-2AA2)
|
6GK5804-0AP00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M812-1 ADSL-Router family
Siemens / SCALANCE M812-1 ADSL-Router family
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SCALANCE M816-1 ADSL-Router family
Siemens / SCALANCE M816-1 ADSL-Router family
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)
Siemens / SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)
|
6GK5826-2AB00-2AB2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M874-2 (6GK5874-2AA00-2AA2)
Siemens / SCALANCE M874-2 (6GK5874-2AA00-2AA2)
|
6GK5874-2AA00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M874-3 (6GK5874-3AA00-2AA2)
Siemens / SCALANCE M874-3 (6GK5874-3AA00-2AA2)
|
6GK5874-3AA00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)
Siemens / SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)
|
6GK5874-3AA00-2FA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M876-3 (6GK5876-3AA02-2BA2)
Siemens / SCALANCE M876-3 (6GK5876-3AA02-2BA2)
|
6GK5876-3AA02-2BA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)
Siemens / SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)
|
6GK5876-3AA02-2EA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M876-4 (6GK5876-4AA10-2BA2)
Siemens / SCALANCE M876-4 (6GK5876-4AA10-2BA2)
|
6GK5876-4AA10-2BA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)
Siemens / SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)
|
6GK5876-4AA00-2BA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)
Siemens / SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)
|
6GK5876-4AA00-2DA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)
Siemens / SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)
|
6GK5852-1EA10-1AA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)
Siemens / SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)
|
6GK5852-1EA10-1BA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)
Siemens / SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)
|
6GK5853-2EA10-2AA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)
Siemens / SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)
|
6GK5853-2EA10-2BA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)
Siemens / SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)
|
6GK5853-2EA00-2DA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)
Siemens / SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)
|
6GK5856-2EA10-3AA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)
Siemens / SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)
|
6GK5856-2EA10-3BA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)
Siemens / SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)
|
6GK5856-2EA00-3FA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)
Siemens / SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)
|
6GK5856-2EA00-3DA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)
Siemens / SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)
|
6GK5856-2EA00-3AA1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)
Siemens / SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)
|
6GK5615-0AA01-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)
Siemens / SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)
|
6GK5615-0AA00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC622-2C (6GK5622-2GS00-2AC2)
Siemens / SCALANCE SC622-2C (6GK5622-2GS00-2AC2)
|
6GK5622-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC626-2C (6GK5626-2GS00-2AC2)
Siemens / SCALANCE SC626-2C (6GK5626-2GS00-2AC2)
|
6GK5626-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC632-2C (6GK5632-2GS00-2AC2)
Siemens / SCALANCE SC632-2C (6GK5632-2GS00-2AC2)
|
6GK5632-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC636-2C (6GK5636-2GS00-2AC2)
Siemens / SCALANCE SC636-2C (6GK5636-2GS00-2AC2)
|
6GK5636-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC642-2C (6GK5642-2GS00-2AC2)
Siemens / SCALANCE SC642-2C (6GK5642-2GS00-2AC2)
|
6GK5642-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE SC646-2C (6GK5646-2GS00-2AC2)
Siemens / SCALANCE SC646-2C (6GK5646-2GS00-2AC2)
|
6GK5646-2GS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)
Siemens / SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)
|
6GK5200-4AH00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3)
Siemens / SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3)
|
6GK5200-4AH10-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3)
Siemens / SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3)
|
6GK5201-3BH00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3)
Siemens / SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3)
|
6GK5201-3BH10-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6)
Siemens / SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6)
|
6GK5201-3JR00-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6)
Siemens / SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6)
|
6GK5201-3JR10-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2IRT (6GK5202-2BB00-2BA3)
Siemens / SCALANCE X202-2IRT (6GK5202-2BB00-2BA3)
|
6GK5202-2BB00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2IRT (6GK5202-2BB10-2BA3)
Siemens / SCALANCE X202-2IRT (6GK5202-2BB10-2BA3)
|
6GK5202-2BB10-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3)
Siemens / SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3)
|
6GK5202-2BH00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3)
Siemens / SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3)
|
6GK5202-2BH10-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6)
Siemens / SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6)
|
6GK5202-2JR00-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6)
Siemens / SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6)
|
6GK5202-2JR10-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204-2 (6GK5204-2BB10-2AA3)
Siemens / SCALANCE X204-2 (6GK5204-2BB10-2AA3)
|
6GK5204-2BB10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204-2FM (6GK5204-2BB11-2AA3)
Siemens / SCALANCE X204-2FM (6GK5204-2BB11-2AA3)
|
6GK5204-2BB11-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204-2LD (6GK5204-2BC10-2AA3)
Siemens / SCALANCE X204-2LD (6GK5204-2BC10-2AA3)
|
6GK5204-2BC10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2)
Siemens / SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2)
|
6GK5204-2BC10-2CA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204-2TS (6GK5204-2BB10-2CA2)
Siemens / SCALANCE X204-2TS (6GK5204-2BB10-2CA2)
|
6GK5204-2BB10-2CA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204IRT (6GK5204-0BA00-2BA3)
Siemens / SCALANCE X204IRT (6GK5204-0BA00-2BA3)
|
6GK5204-0BA00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204IRT (6GK5204-0BA10-2BA3)
Siemens / SCALANCE X204IRT (6GK5204-0BA10-2BA3)
|
6GK5204-0BA10-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6)
Siemens / SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6)
|
6GK5204-0JA00-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6)
Siemens / SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6)
|
6GK5204-0JA10-2BA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
Siemens / SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)
|
6GK5204-0BA00-2MB2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
Siemens / SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)
|
6GK5204-0BA00-2KB2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
Siemens / SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)
|
6GK5204-0BS00-2NA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
Siemens / SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)
|
6GK5204-0BS00-3LA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
Siemens / SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)
|
6GK5204-0BS00-3PA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X206-1 (6GK5206-1BB10-2AA3)
Siemens / SCALANCE X206-1 (6GK5206-1BB10-2AA3)
|
6GK5206-1BB10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X206-1LD (6GK5206-1BC10-2AA3)
Siemens / SCALANCE X206-1LD (6GK5206-1BC10-2AA3)
|
6GK5206-1BC10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X208 (6GK5208-0BA10-2AA3)
Siemens / SCALANCE X208 (6GK5208-0BA10-2AA3)
|
6GK5208-0BA10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X208PRO (6GK5208-0HA10-2AA6)
Siemens / SCALANCE X208PRO (6GK5208-0HA10-2AA6)
|
6GK5208-0HA10-2AA6
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X212-2 (6GK5212-2BB00-2AA3)
Siemens / SCALANCE X212-2 (6GK5212-2BB00-2AA3)
|
6GK5212-2BB00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X212-2LD (6GK5212-2BC00-2AA3)
Siemens / SCALANCE X212-2LD (6GK5212-2BC00-2AA3)
|
6GK5212-2BC00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X216 (6GK5216-0BA00-2AA3)
Siemens / SCALANCE X216 (6GK5216-0BA00-2AA3)
|
6GK5216-0BA00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X224 (6GK5224-0BA00-2AA3)
Siemens / SCALANCE X224 (6GK5224-0BA00-2AA3)
|
6GK5224-0BA00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3)
Siemens / SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3)
|
6GK5302-7GD00-3GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3)
Siemens / SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3)
|
6GK5302-7GD00-3EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3)
Siemens / SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3)
|
6GK5302-7GD00-1GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3)
Siemens / SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3)
|
6GK5302-7GD00-1EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3)
Siemens / SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3)
|
6GK5302-7GD00-4GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3)
Siemens / SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3)
|
6GK5302-7GD00-4EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3)
Siemens / SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3)
|
6GK5302-7GD00-2GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3)
Siemens / SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3)
|
6GK5302-7GD00-2EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X304-2FE (6GK5304-2BD00-2AA3)
Siemens / SCALANCE X304-2FE (6GK5304-2BD00-2AA3)
|
6GK5304-2BD00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3)
Siemens / SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3)
|
6GK5306-1BF00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3)
Siemens / SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3)
|
6GK5307-2FD00-3GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3)
Siemens / SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3)
|
6GK5307-2FD00-3EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3)
Siemens / SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3)
|
6GK5307-2FD00-1GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3)
Siemens / SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3)
|
6GK5307-2FD00-1EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3)
Siemens / SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3)
|
6GK5307-2FD00-4GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3)
Siemens / SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3)
|
6GK5307-2FD00-4EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3)
Siemens / SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3)
|
6GK5307-2FD00-2GA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3)
Siemens / SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3)
|
6GK5307-2FD00-2EA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-3 (6GK5307-3BL00-2AA3)
Siemens / SCALANCE X307-3 (6GK5307-3BL00-2AA3)
|
6GK5307-3BL00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-3 (6GK5307-3BL10-2AA3)
Siemens / SCALANCE X307-3 (6GK5307-3BL10-2AA3)
|
6GK5307-3BL10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-3LD (6GK5307-3BM00-2AA3)
Siemens / SCALANCE X307-3LD (6GK5307-3BM00-2AA3)
|
6GK5307-3BM00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X307-3LD (6GK5307-3BM10-2AA3)
Siemens / SCALANCE X307-3LD (6GK5307-3BM10-2AA3)
|
6GK5307-3BM10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2 (6GK5308-2FL00-2AA3)
Siemens / SCALANCE X308-2 (6GK5308-2FL00-2AA3)
|
6GK5308-2FL00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2 (6GK5308-2FL10-2AA3)
Siemens / SCALANCE X308-2 (6GK5308-2FL10-2AA3)
|
6GK5308-2FL10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LD (6GK5308-2FM00-2AA3)
Siemens / SCALANCE X308-2LD (6GK5308-2FM00-2AA3)
|
6GK5308-2FM00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LD (6GK5308-2FM10-2AA3)
Siemens / SCALANCE X308-2LD (6GK5308-2FM10-2AA3)
|
6GK5308-2FM10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LH (6GK5308-2FN00-2AA3)
Siemens / SCALANCE X308-2LH (6GK5308-2FN00-2AA3)
|
6GK5308-2FN00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LH (6GK5308-2FN10-2AA3)
Siemens / SCALANCE X308-2LH (6GK5308-2FN10-2AA3)
|
6GK5308-2FN10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3)
Siemens / SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3)
|
6GK5308-2FP00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3)
Siemens / SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3)
|
6GK5308-2FP10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M (6GK5308-2GG00-2AA2)
Siemens / SCALANCE X308-2M (6GK5308-2GG00-2AA2)
|
6GK5308-2GG00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M (6GK5308-2GG10-2AA2)
Siemens / SCALANCE X308-2M (6GK5308-2GG10-2AA2)
|
6GK5308-2GG10-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2)
Siemens / SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2)
|
6GK5308-2QG00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2)
Siemens / SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2)
|
6GK5308-2QG10-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M TS (6GK5308-2GG00-2CA2)
Siemens / SCALANCE X308-2M TS (6GK5308-2GG00-2CA2)
|
6GK5308-2GG00-2CA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X308-2M TS (6GK5308-2GG10-2CA2)
Siemens / SCALANCE X308-2M TS (6GK5308-2GG10-2CA2)
|
6GK5308-2GG10-2CA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X310 (6GK5310-0FA00-2AA3)
Siemens / SCALANCE X310 (6GK5310-0FA00-2AA3)
|
6GK5310-0FA00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X310 (6GK5310-0FA10-2AA3)
Siemens / SCALANCE X310 (6GK5310-0FA10-2AA3)
|
6GK5310-0FA10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X310FE (6GK5310-0BA00-2AA3)
Siemens / SCALANCE X310FE (6GK5310-0BA00-2AA3)
|
6GK5310-0BA00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X310FE (6GK5310-0BA10-2AA3)
Siemens / SCALANCE X310FE (6GK5310-0BA10-2AA3)
|
6GK5310-0BA10-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X320-1 FE (6GK5320-1BD00-2AA3)
Siemens / SCALANCE X320-1 FE (6GK5320-1BD00-2AA3)
|
6GK5320-1BD00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3)
Siemens / SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3)
|
6GK5320-3BF00-2AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE X408-2 (6GK5408-2FD00-2AA2)
Siemens / SCALANCE X408-2 (6GK5408-2FD00-2AA2)
|
6GK5408-2FD00-2AA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC316-8 (6GK5324-8TS00-2AC2)
Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)
|
6GK5324-8TS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC324-4 (6GK5328-4TS00-2AC2)
Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)
|
6GK5328-4TS00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)
Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)
|
6GK5328-4TS00-2EC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC332 (6GK5332-0GA00-2AC2)
Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)
|
6GK5332-0GA00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC416-8 (6GK5424-8TR00-2AC2)
Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)
|
6GK5424-8TR00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC424-4 (6GK5428-4TR00-2AC2)
Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)
|
6GK5428-4TR00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XC432 (6GK5432-0GR00-2AC2)
Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)
|
6GK5432-0GR00-2AC2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2)
Siemens / SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2)
|
6GK5201-3BH00-2BD2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2)
Siemens / SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2)
|
6GK5202-2BH00-2BD2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF204 (6GK5204-0BA00-2AF2)
Siemens / SCALANCE XF204 (6GK5204-0BA00-2AF2)
|
6GK5204-0BA00-2AF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF204-2 (6GK5204-2BC00-2AF2)
Siemens / SCALANCE XF204-2 (6GK5204-2BC00-2AF2)
|
6GK5204-2BC00-2AF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2)
Siemens / SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2)
|
6GK5204-2AA00-2BD2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF204IRT (6GK5204-0BA00-2BF2)
Siemens / SCALANCE XF204IRT (6GK5204-0BA00-2BF2)
|
6GK5204-0BA00-2BF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF204IRT (6GK5204-0BA10-2BF2)
Siemens / SCALANCE XF204IRT (6GK5204-0BA10-2BF2)
|
6GK5204-0BA10-2BF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF206-1 (6GK5206-1BC00-2AF2)
Siemens / SCALANCE XF206-1 (6GK5206-1BC00-2AF2)
|
6GK5206-1BC00-2AF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XF208 (6GK5208-0BA00-2AF2)
Siemens / SCALANCE XF208 (6GK5208-0BA00-2AF2)
|
6GK5208-0BA00-2AF2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR302-32 (6GK5334-5TS00-2AR3)
Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)
|
6GK5334-5TS00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR302-32 (6GK5334-5TS00-3AR3)
Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)
|
6GK5334-5TS00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR302-32 (6GK5334-5TS00-4AR3)
Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)
|
6GK5334-5TS00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR322-12 (6GK5334-3TS00-2AR3)
Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)
|
6GK5334-3TS00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR322-12 (6GK5334-3TS00-3AR3)
Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)
|
6GK5334-3TS00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR322-12 (6GK5334-3TS00-4AR3)
Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)
|
6GK5334-3TS00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)
Siemens / SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)
|
6GK5324-0GG00-3AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)
Siemens / SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)
|
6GK5324-0GG10-3AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)
Siemens / SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)
|
6GK5324-0GG00-3HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)
Siemens / SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)
|
6GK5324-0GG10-3HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)
Siemens / SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)
|
6GK5324-0GG00-1AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)
Siemens / SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)
|
6GK5324-0GG10-1AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)
Siemens / SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)
|
6GK5324-0GG00-1HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)
Siemens / SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)
|
6GK5324-0GG10-1HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)
Siemens / SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)
|
6GK5324-0GG00-1CR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)
Siemens / SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)
|
6GK5324-0GG10-1CR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2)
Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2)
|
6GK5324-4GG00-3ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2)
Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2)
|
6GK5324-4GG10-3ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2)
Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2)
|
6GK5324-4GG00-3JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2)
Siemens / SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2)
|
6GK5324-4GG10-3JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2)
Siemens / SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2)
|
6GK5324-4GG00-1ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)
Siemens / SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)
|
6GK5324-4GG10-1ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2)
Siemens / SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2)
|
6GK5324-4GG00-1JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2)
Siemens / SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2)
|
6GK5324-4GG10-1JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2)
Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2)
|
6GK5324-4GG00-4ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2)
Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2)
|
6GK5324-4GG10-4ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2)
Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2)
|
6GK5324-4GG00-4JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2)
Siemens / SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2)
|
6GK5324-4GG10-4JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2)
Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2)
|
6GK5324-4GG00-2ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2)
Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2)
|
6GK5324-4GG10-2ER2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2)
Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2)
|
6GK5324-4GG00-2JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2)
Siemens / SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2)
|
6GK5324-4GG10-2JR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)
Siemens / SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)
|
6GK5324-4QG00-3AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2)
Siemens / SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2)
|
6GK5324-4QG10-3AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)
Siemens / SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)
|
6GK5324-4QG00-3HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2)
Siemens / SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2)
|
6GK5324-4QG10-3HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)
Siemens / SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)
|
6GK5324-4QG00-1AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2)
Siemens / SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2)
|
6GK5324-4QG10-1AR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)
Siemens / SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)
|
6GK5324-4QG00-1HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2)
Siemens / SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2)
|
6GK5324-4QG10-1HR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)
Siemens / SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)
|
6GK5324-4QG00-1CR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2)
Siemens / SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2)
|
6GK5324-4QG10-1CR2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR326-8 (6GK5334-2TS00-2AR3)
Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)
|
6GK5334-2TS00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR326-8 (6GK5334-2TS00-3AR3)
Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)
|
6GK5334-2TS00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR326-8 (6GK5334-2TS00-4AR3)
Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)
|
6GK5334-2TS00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)
Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)
|
6GK5334-2TS00-2ER3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR502-32 (6GK5534-5TR00-2AR3)
Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)
|
6GK5534-5TR00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR502-32 (6GK5534-5TR00-3AR3)
Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)
|
6GK5534-5TR00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR502-32 (6GK5534-5TR00-4AR3)
Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)
|
6GK5534-5TR00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR522-12 (6GK5534-3TR00-2AR3)
Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)
|
6GK5534-3TR00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR522-12 (6GK5534-3TR00-3AR3)
Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)
|
6GK5534-3TR00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR522-12 (6GK5534-3TR00-4AR3)
Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)
|
6GK5534-3TR00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR524-8WG (6GK5532-2SR00-2AR3)
Siemens / SCALANCE XR524-8WG (6GK5532-2SR00-2AR3)
|
6GK5532-2SR00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR524-8WG (6GK5532-2SR00-2RR3)
Siemens / SCALANCE XR524-8WG (6GK5532-2SR00-2RR3)
|
6GK5532-2SR00-2RR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR524-8WG (6GK5532-2SR00-3AR3)
Siemens / SCALANCE XR524-8WG (6GK5532-2SR00-3AR3)
|
6GK5532-2SR00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR524-8WG (6GK5532-2SR00-3RR3)
Siemens / SCALANCE XR524-8WG (6GK5532-2SR00-3RR3)
|
6GK5532-2SR00-3RR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR526-8 (6GK5534-2TR00-2AR3)
Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)
|
6GK5534-2TR00-2AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR526-8 (6GK5534-2TR00-3AR3)
Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)
|
6GK5534-2TR00-3AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SCALANCE XR526-8 (6GK5534-2TR00-4AR3)
Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)
|
6GK5534-2TR00-4AR3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
Shopfloor IT Suite
Siemens / Shopfloor IT Suite
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIDIS Prime
Siemens / SIDIS Prime
|
vers:intdot/>=4.0.700 |
Mitigation
Mitigation
Mitigation
Vendor Fix
|
|
|
Siemens OPC UA Modelling Editor (SiOME)
Siemens / Siemens OPC UA Modelling Editor (SiOME)
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC Comfort/Mobile RT
Siemens / SIMATIC Comfort/Mobile RT
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8)
Siemens / SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8)
|
6DL5424-0AX00-0AV8
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8)
Siemens / SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8)
|
6DL5424-0BX00-0AV8
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC HMI Basic Panels
Siemens / SIMATIC HMI Basic Panels
|
vers:intdot/<17.0.9 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC HMI Comfort Panels
Siemens / SIMATIC HMI Comfort Panels
|
vers:intdot/<17.0.9 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC HMI Mobile Panels
Siemens / SIMATIC HMI Mobile Panels
|
vers:intdot/<17.0.9 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC IOT2050 (6ES7647-0BA00-1YA2)
Siemens / SIMATIC IOT2050 (6ES7647-0BA00-1YA2)
|
6ES7647-0BA00-1YA2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC IPC BX-21A
Siemens / SIMATIC IPC BX-21A
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC IPC MD-57A
Siemens / SIMATIC IPC MD-57A
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC IPC ORCLA
Siemens / SIMATIC IPC ORCLA
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC MV530 H (6GF3530-0GE10)
Siemens / SIMATIC MV530 H (6GF3530-0GE10)
|
6GF3530-0GE10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV530 S (6GF3530-0CD10)
Siemens / SIMATIC MV530 S (6GF3530-0CD10)
|
6GF3530-0CD10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV540 H (6GF3540-0GE10)
Siemens / SIMATIC MV540 H (6GF3540-0GE10)
|
6GF3540-0GE10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV540 H CRANES (6GF3540-0GE30)
Siemens / SIMATIC MV540 H CRANES (6GF3540-0GE30)
|
6GF3540-0GE30
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV540 S (6GF3540-0CD10)
Siemens / SIMATIC MV540 S (6GF3540-0CD10)
|
6GF3540-0CD10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV550 H (6GF3550-0GE10)
Siemens / SIMATIC MV550 H (6GF3550-0GE10)
|
6GF3550-0GE10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV550 S (6GF3550-0CD10)
Siemens / SIMATIC MV550 S (6GF3550-0CD10)
|
6GF3550-0CD10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV560 U (6GF3560-0LE10)
Siemens / SIMATIC MV560 U (6GF3560-0LE10)
|
6GF3560-0LE10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC MV560 X (6GF3560-0HE10)
Siemens / SIMATIC MV560 X (6GF3560-0HE10)
|
6GF3560-0HE10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC PDM V9.3
Siemens / SIMATIC PDM V9.3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA00)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA00)
|
6GT2780-0DA00
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA10)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA10)
|
6GT2780-0DA10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA20)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA20)
|
6GT2780-0DA20
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-0DA30)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-0DA30)
|
6GT2780-0DA30
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-1EA10)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-1EA10)
|
6GT2780-1EA10
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-1EA20)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-1EA20)
|
6GT2780-1EA20
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC RTLS Locating Manager (6GT2780-1EA30)
Siemens / SIMATIC RTLS Locating Manager (6GT2780-1EA30)
|
6GT2780-1EA30
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMATIC STEP 7 V5
Siemens / SIMATIC STEP 7 V5
|
vers:intdot/<5.7.4 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC Target
Siemens / SIMATIC Target
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMATIC WinCC OA V3.19
Siemens / SIMATIC WinCC OA V3.19
|
vers:intdot/<3.19.024 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC WinCC OA V3.20
Siemens / SIMATIC WinCC OA V3.20
|
vers:intdot/<3.20.012 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC WinCC OA V3.21
Siemens / SIMATIC WinCC OA V3.21
|
vers:intdot/<3.21.02 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC WinCC Runtime Advanced V17
Siemens / SIMATIC WinCC Runtime Advanced V17
|
vers:intdot/<17.0.9 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC WinCC Unified Sequence
Siemens / SIMATIC WinCC Unified Sequence
|
vers:intdot/<21 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC WinCC V7.5
Siemens / SIMATIC WinCC V7.5
|
vers:all/* |
Mitigation
Mitigation
Mitigation
No Fix Planned
|
|
|
SIMATIC WinCC V8.0
Siemens / SIMATIC WinCC V8.0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
No Fix Planned
|
|
|
SIMATIC WinCC V8.1
Siemens / SIMATIC WinCC V8.1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
No Fix Planned
|
|
|
SIMOTION OACAMGEN (6AU1820-3EA20-0AB0)
Siemens / SIMOTION OACAMGEN (6AU1820-3EA20-0AB0)
|
6AU1820-3EA20-0AB0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIMOVE Fleetmanager V3.1
Siemens / SIMOVE Fleetmanager V3.1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMOVE Fleetmanager V3.2
Siemens / SIMOVE Fleetmanager V3.2
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIMOVE Fleetmanager V3.3
Siemens / SIMOVE Fleetmanager V3.3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINAMICS G200
Siemens / SINAMICS G200
|
vers:intdot/>=6.3 |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINAMICS G220
Siemens / SINAMICS G220
|
vers:intdot/>=6.3 |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINAMICS S200
Siemens / SINAMICS S200
|
vers:intdot/>=6.3 |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINAMICS S210
Siemens / SINAMICS S210
|
vers:intdot/>=6.3 |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINAMICS S220
Siemens / SINAMICS S220
|
vers:intdot/>=6.3 |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINEC INS
Siemens / SINEC INS
|
vers:intdot/<1.0.2.5 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SINEC NMS
Siemens / SINEC NMS
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINEC Security Monitor
Siemens / SINEC Security Monitor
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SINUMERIK Access MyMachine /OPC UA
Siemens / SINUMERIK Access MyMachine /OPC UA
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SIPLANT
Siemens / SIPLANT
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Vendor Fix
|
|
|
SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3)
Siemens / SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3)
|
6AG1202-2BH00-2BA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)
Siemens / SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)
|
6AG1308-2FL10-4AA3
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
SITRANS ASM IQ
Siemens / SITRANS ASM IQ
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)
Siemens / SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
|
|
User Management Component (UMC)
Siemens / User Management Component (UMC)
|
vers:intdot/<2.15.3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
Visual Inspection Cockpit
Siemens / Visual Inspection Cockpit
|
vers:all/* |
Mitigation
Mitigation
Mitigation
None Available
|
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution.\n\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-434797: Buffer Overflow Vulnerability in OpenSSL affecting Siemens Products - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-434797.html"
},
{
"category": "self",
"summary": "SSA-434797: Buffer Overflow Vulnerability in OpenSSL affecting Siemens Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-434797.json"
}
],
"title": "SSA-434797: Buffer Overflow Vulnerability in OpenSSL affecting Siemens Products",
"tracking": {
"current_release_date": "2026-06-09T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-434797",
"initial_release_date": "2026-06-09T00:00:00.000Z",
"revision_history": [
{
"date": "2026-06-09T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "AI Lightweight Inference Server",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "AI Lightweight Inference Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.8.0",
"product": {
"name": "Connector for Azure",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "Connector for Azure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.3.2",
"product": {
"name": "Databus",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "Databus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "HiMed Cockpit",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "HiMed Cockpit"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6GK6108-4AM00-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)",
"product_id": "6",
"product_identification_helper": {
"model_numbers": [
"6GK6108-4AM00-2DA2"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE LPE9403 (6GK5998-3GS00-2AC2)",
"product_id": "7",
"product_identification_helper": {
"model_numbers": [
"6GK5998-3GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE LPE9403 (6GK5998-3GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE LPE9413 (6GK5998-3GS01-2AC2)",
"product_id": "8",
"product_identification_helper": {
"model_numbers": [
"6GK5998-3GS01-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE LPE9413 (6GK5998-3GS01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE LPE9433 (6GK5998-3GS11-2AC2)",
"product_id": "9",
"product_identification_helper": {
"model_numbers": [
"6GK5998-3GS11-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE LPE9433 (6GK5998-3GS11-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)",
"product_id": "10",
"product_identification_helper": {
"model_numbers": [
"6GK5804-0AP00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M812-1 ADSL-Router family",
"product_id": "11"
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M816-1 ADSL-Router family",
"product_id": "12"
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)",
"product_id": "13",
"product_identification_helper": {
"model_numbers": [
"6GK5826-2AB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)",
"product_id": "14",
"product_identification_helper": {
"model_numbers": [
"6GK5874-2AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)",
"product_id": "15",
"product_identification_helper": {
"model_numbers": [
"6GK5874-3AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)",
"product_id": "16",
"product_identification_helper": {
"model_numbers": [
"6GK5874-3AA00-2FA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)",
"product_id": "17",
"product_identification_helper": {
"model_numbers": [
"6GK5876-3AA02-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)",
"product_id": "18",
"product_identification_helper": {
"model_numbers": [
"6GK5876-3AA02-2EA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)",
"product_id": "19",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA10-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)",
"product_id": "20",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA00-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)",
"product_id": "21",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA00-2DA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)",
"product_id": "22",
"product_identification_helper": {
"model_numbers": [
"6GK5852-1EA10-1AA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)",
"product_id": "23",
"product_identification_helper": {
"model_numbers": [
"6GK5852-1EA10-1BA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)",
"product_id": "24",
"product_identification_helper": {
"model_numbers": [
"6GK5853-2EA10-2AA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)",
"product_id": "25",
"product_identification_helper": {
"model_numbers": [
"6GK5853-2EA10-2BA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)",
"product_id": "26",
"product_identification_helper": {
"model_numbers": [
"6GK5853-2EA00-2DA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)",
"product_id": "27",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA10-3AA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)",
"product_id": "28",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA10-3BA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)",
"product_id": "29",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA00-3FA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)",
"product_id": "30",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA00-3DA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)",
"product_id": "31",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA00-3AA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)",
"product_id": "32",
"product_identification_helper": {
"model_numbers": [
"6GK5615-0AA01-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)",
"product_id": "33",
"product_identification_helper": {
"model_numbers": [
"6GK5615-0AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)",
"product_id": "34",
"product_identification_helper": {
"model_numbers": [
"6GK5622-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)",
"product_id": "35",
"product_identification_helper": {
"model_numbers": [
"6GK5626-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)",
"product_id": "36",
"product_identification_helper": {
"model_numbers": [
"6GK5632-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)",
"product_id": "37",
"product_identification_helper": {
"model_numbers": [
"6GK5636-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)",
"product_id": "38",
"product_identification_helper": {
"model_numbers": [
"6GK5642-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)",
"product_id": "39",
"product_identification_helper": {
"model_numbers": [
"6GK5646-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)",
"product_id": "40",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-6AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)",
"product_id": "41",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)",
"product_id": "42",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)",
"product_id": "43",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)",
"product_id": "44",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)",
"product_id": "45",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)",
"product_id": "46",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)",
"product_id": "47",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)",
"product_id": "48",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)",
"product_id": "49",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)",
"product_id": "50",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-1AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)",
"product_id": "51",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-2AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)",
"product_id": "52",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)",
"product_id": "53",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)",
"product_id": "54",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)",
"product_id": "55",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)",
"product_id": "56",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)",
"product_id": "57",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)",
"product_id": "58",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)",
"product_id": "59",
"product_identification_helper": {
"model_numbers": [
"6GK5200-4AH00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3)",
"product_id": "60",
"product_identification_helper": {
"model_numbers": [
"6GK5200-4AH10-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3)",
"product_id": "61",
"product_identification_helper": {
"model_numbers": [
"6GK5201-3BH00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3)",
"product_id": "62",
"product_identification_helper": {
"model_numbers": [
"6GK5201-3BH10-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6)",
"product_id": "63",
"product_identification_helper": {
"model_numbers": [
"6GK5201-3JR00-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6)",
"product_id": "64",
"product_identification_helper": {
"model_numbers": [
"6GK5201-3JR10-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2IRT (6GK5202-2BB00-2BA3)",
"product_id": "65",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2BB00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2IRT (6GK5202-2BB00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2IRT (6GK5202-2BB10-2BA3)",
"product_id": "66",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2BB10-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2IRT (6GK5202-2BB10-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3)",
"product_id": "67",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2BH00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3)",
"product_id": "68",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2BH10-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6)",
"product_id": "69",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2JR00-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6)",
"product_id": "70",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2JR10-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204-2 (6GK5204-2BB10-2AA3)",
"product_id": "71",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BB10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204-2 (6GK5204-2BB10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204-2FM (6GK5204-2BB11-2AA3)",
"product_id": "72",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BB11-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204-2FM (6GK5204-2BB11-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204-2LD (6GK5204-2BC10-2AA3)",
"product_id": "73",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BC10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204-2LD (6GK5204-2BC10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2)",
"product_id": "74",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BC10-2CA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204-2TS (6GK5204-2BB10-2CA2)",
"product_id": "75",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BB10-2CA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204-2TS (6GK5204-2BB10-2CA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204IRT (6GK5204-0BA00-2BA3)",
"product_id": "76",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204IRT (6GK5204-0BA00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204IRT (6GK5204-0BA10-2BA3)",
"product_id": "77",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA10-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204IRT (6GK5204-0BA10-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6)",
"product_id": "78",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0JA00-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6)",
"product_id": "79",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0JA10-2BA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)",
"product_id": "80",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2MB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)",
"product_id": "81",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2KB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)",
"product_id": "82",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-2NA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)",
"product_id": "83",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-3LA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)",
"product_id": "84",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BS00-3PA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X206-1 (6GK5206-1BB10-2AA3)",
"product_id": "85",
"product_identification_helper": {
"model_numbers": [
"6GK5206-1BB10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X206-1 (6GK5206-1BB10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X206-1LD (6GK5206-1BC10-2AA3)",
"product_id": "86",
"product_identification_helper": {
"model_numbers": [
"6GK5206-1BC10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X206-1LD (6GK5206-1BC10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X208 (6GK5208-0BA10-2AA3)",
"product_id": "87",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X208 (6GK5208-0BA10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X208PRO (6GK5208-0HA10-2AA6)",
"product_id": "88",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA10-2AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X208PRO (6GK5208-0HA10-2AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X212-2 (6GK5212-2BB00-2AA3)",
"product_id": "89",
"product_identification_helper": {
"model_numbers": [
"6GK5212-2BB00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X212-2 (6GK5212-2BB00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X212-2LD (6GK5212-2BC00-2AA3)",
"product_id": "90",
"product_identification_helper": {
"model_numbers": [
"6GK5212-2BC00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X212-2LD (6GK5212-2BC00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X216 (6GK5216-0BA00-2AA3)",
"product_id": "91",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X216 (6GK5216-0BA00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X224 (6GK5224-0BA00-2AA3)",
"product_id": "92",
"product_identification_helper": {
"model_numbers": [
"6GK5224-0BA00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X224 (6GK5224-0BA00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3)",
"product_id": "93",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-3GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (230V, coated) (6GK5302-7GD00-3GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3)",
"product_id": "94",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-3EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (230V) (6GK5302-7GD00-3EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3)",
"product_id": "95",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-1GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (24V, coated) (6GK5302-7GD00-1GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3)",
"product_id": "96",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-1EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (24V) (6GK5302-7GD00-1EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3)",
"product_id": "97",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-4GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (2x 230V, coated) (6GK5302-7GD00-4GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3)",
"product_id": "98",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-4EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (2x 230V) (6GK5302-7GD00-4EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3)",
"product_id": "99",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-2GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (2x 24V, coated) (6GK5302-7GD00-2GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3)",
"product_id": "100",
"product_identification_helper": {
"model_numbers": [
"6GK5302-7GD00-2EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X302-7 EEC (2x 24V) (6GK5302-7GD00-2EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X304-2FE (6GK5304-2BD00-2AA3)",
"product_id": "101",
"product_identification_helper": {
"model_numbers": [
"6GK5304-2BD00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X304-2FE (6GK5304-2BD00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3)",
"product_id": "102",
"product_identification_helper": {
"model_numbers": [
"6GK5306-1BF00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3)",
"product_id": "103",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-3GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (230V, coated) (6GK5307-2FD00-3GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3)",
"product_id": "104",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-3EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (230V) (6GK5307-2FD00-3EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3)",
"product_id": "105",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-1GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (24V, coated) (6GK5307-2FD00-1GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3)",
"product_id": "106",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-1EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (24V) (6GK5307-2FD00-1EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3)",
"product_id": "107",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-4GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (2x 230V, coated) (6GK5307-2FD00-4GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3)",
"product_id": "108",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-4EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (2x 230V) (6GK5307-2FD00-4EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3)",
"product_id": "109",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-2GA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (2x 24V, coated) (6GK5307-2FD00-2GA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3)",
"product_id": "110",
"product_identification_helper": {
"model_numbers": [
"6GK5307-2FD00-2EA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-2 EEC (2x 24V) (6GK5307-2FD00-2EA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-3 (6GK5307-3BL00-2AA3)",
"product_id": "111",
"product_identification_helper": {
"model_numbers": [
"6GK5307-3BL00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-3 (6GK5307-3BL00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-3 (6GK5307-3BL10-2AA3)",
"product_id": "112",
"product_identification_helper": {
"model_numbers": [
"6GK5307-3BL10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-3 (6GK5307-3BL10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-3LD (6GK5307-3BM00-2AA3)",
"product_id": "113",
"product_identification_helper": {
"model_numbers": [
"6GK5307-3BM00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-3LD (6GK5307-3BM00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X307-3LD (6GK5307-3BM10-2AA3)",
"product_id": "114",
"product_identification_helper": {
"model_numbers": [
"6GK5307-3BM10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X307-3LD (6GK5307-3BM10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2 (6GK5308-2FL00-2AA3)",
"product_id": "115",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FL00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2 (6GK5308-2FL00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2 (6GK5308-2FL10-2AA3)",
"product_id": "116",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FL10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2 (6GK5308-2FL10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LD (6GK5308-2FM00-2AA3)",
"product_id": "117",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FM00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LD (6GK5308-2FM00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LD (6GK5308-2FM10-2AA3)",
"product_id": "118",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FM10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LD (6GK5308-2FM10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LH (6GK5308-2FN00-2AA3)",
"product_id": "119",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FN00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LH (6GK5308-2FN00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LH (6GK5308-2FN10-2AA3)",
"product_id": "120",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FN10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LH (6GK5308-2FN10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3)",
"product_id": "121",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FP00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LH+ (6GK5308-2FP00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3)",
"product_id": "122",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2FP10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2LH+ (6GK5308-2FP10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M (6GK5308-2GG00-2AA2)",
"product_id": "123",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2GG00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M (6GK5308-2GG00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M (6GK5308-2GG10-2AA2)",
"product_id": "124",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2GG10-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M (6GK5308-2GG10-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2)",
"product_id": "125",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2QG00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M PoE (6GK5308-2QG00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2)",
"product_id": "126",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2QG10-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M PoE (6GK5308-2QG10-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M TS (6GK5308-2GG00-2CA2)",
"product_id": "127",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2GG00-2CA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M TS (6GK5308-2GG00-2CA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X308-2M TS (6GK5308-2GG10-2CA2)",
"product_id": "128",
"product_identification_helper": {
"model_numbers": [
"6GK5308-2GG10-2CA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X308-2M TS (6GK5308-2GG10-2CA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X310 (6GK5310-0FA00-2AA3)",
"product_id": "129",
"product_identification_helper": {
"model_numbers": [
"6GK5310-0FA00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X310 (6GK5310-0FA00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X310 (6GK5310-0FA10-2AA3)",
"product_id": "130",
"product_identification_helper": {
"model_numbers": [
"6GK5310-0FA10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X310 (6GK5310-0FA10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X310FE (6GK5310-0BA00-2AA3)",
"product_id": "131",
"product_identification_helper": {
"model_numbers": [
"6GK5310-0BA00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X310FE (6GK5310-0BA00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X310FE (6GK5310-0BA10-2AA3)",
"product_id": "132",
"product_identification_helper": {
"model_numbers": [
"6GK5310-0BA10-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X310FE (6GK5310-0BA10-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X320-1 FE (6GK5320-1BD00-2AA3)",
"product_id": "133",
"product_identification_helper": {
"model_numbers": [
"6GK5320-1BD00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X320-1 FE (6GK5320-1BD00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3)",
"product_id": "134",
"product_identification_helper": {
"model_numbers": [
"6GK5320-3BF00-2AA3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE X408-2 (6GK5408-2FD00-2AA2)",
"product_id": "135",
"product_identification_helper": {
"model_numbers": [
"6GK5408-2FD00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE X408-2 (6GK5408-2FD00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2)",
"product_id": "136",
"product_identification_helper": {
"model_numbers": [
"6GK5324-8TS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2)",
"product_id": "137",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4TS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)",
"product_id": "138",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4TS00-2EC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC332 (6GK5332-0GA00-2AC2)",
"product_id": "139",
"product_identification_helper": {
"model_numbers": [
"6GK5332-0GA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC332 (6GK5332-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2)",
"product_id": "140",
"product_identification_helper": {
"model_numbers": [
"6GK5424-8TR00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2)",
"product_id": "141",
"product_identification_helper": {
"model_numbers": [
"6GK5428-4TR00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC432 (6GK5432-0GR00-2AC2)",
"product_id": "142",
"product_identification_helper": {
"model_numbers": [
"6GK5432-0GR00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC432 (6GK5432-0GR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2)",
"product_id": "143",
"product_identification_helper": {
"model_numbers": [
"6GK5201-3BH00-2BD2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2)",
"product_id": "144",
"product_identification_helper": {
"model_numbers": [
"6GK5202-2BH00-2BD2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF204 (6GK5204-0BA00-2AF2)",
"product_id": "145",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2AF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 (6GK5204-0BA00-2AF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF204-2 (6GK5204-2BC00-2AF2)",
"product_id": "146",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2BC00-2AF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2 (6GK5204-2BC00-2AF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2)",
"product_id": "147",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2BD2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF204IRT (6GK5204-0BA00-2BF2)",
"product_id": "148",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2BF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204IRT (6GK5204-0BA00-2BF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF204IRT (6GK5204-0BA10-2BF2)",
"product_id": "149",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA10-2BF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204IRT (6GK5204-0BA10-2BF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF206-1 (6GK5206-1BC00-2AF2)",
"product_id": "150",
"product_identification_helper": {
"model_numbers": [
"6GK5206-1BC00-2AF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF206-1 (6GK5206-1BC00-2AF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XF208 (6GK5208-0BA00-2AF2)",
"product_id": "151",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF208 (6GK5208-0BA00-2AF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3)",
"product_id": "152",
"product_identification_helper": {
"model_numbers": [
"6GK5334-5TS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3)",
"product_id": "153",
"product_identification_helper": {
"model_numbers": [
"6GK5334-5TS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3)",
"product_id": "154",
"product_identification_helper": {
"model_numbers": [
"6GK5334-5TS00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3)",
"product_id": "155",
"product_identification_helper": {
"model_numbers": [
"6GK5334-3TS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3)",
"product_id": "156",
"product_identification_helper": {
"model_numbers": [
"6GK5334-3TS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3)",
"product_id": "157",
"product_identification_helper": {
"model_numbers": [
"6GK5334-3TS00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)",
"product_id": "158",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)",
"product_id": "159",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG10-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (230V, ports on front) (6GK5324-0GG10-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)",
"product_id": "160",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG00-3HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG00-3HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)",
"product_id": "161",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG10-3HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (230V, ports on rear) (6GK5324-0GG10-3HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)",
"product_id": "162",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG00-1AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG00-1AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)",
"product_id": "163",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG10-1AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (24V, ports on front) (6GK5324-0GG10-1AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)",
"product_id": "164",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG00-1HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG00-1HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)",
"product_id": "165",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG10-1HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M (24V, ports on rear) (6GK5324-0GG10-1HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)",
"product_id": "166",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG00-1CR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG00-1CR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)",
"product_id": "167",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0GG10-1CR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-12M TS (24V) (6GK5324-0GG10-1CR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2)",
"product_id": "168",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-3ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-3ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2)",
"product_id": "169",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-3ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-3ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2)",
"product_id": "170",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-3JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-3JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2)",
"product_id": "171",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-3JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-3JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2)",
"product_id": "172",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-1ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG00-1ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)",
"product_id": "173",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-1ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (24V, ports on front) (6GK5324-4GG10-1ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2)",
"product_id": "174",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-1JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG00-1JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2)",
"product_id": "175",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-1JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (24V, ports on rear) (6GK5324-4GG10-1JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2)",
"product_id": "176",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-4ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG00-4ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2)",
"product_id": "177",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-4ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) (6GK5324-4GG10-4ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2)",
"product_id": "178",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-4JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG00-4JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2)",
"product_id": "179",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-4JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) (6GK5324-4GG10-4JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2)",
"product_id": "180",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-2ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG00-2ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2)",
"product_id": "181",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-2ER2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on front) (6GK5324-4GG10-2ER2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2)",
"product_id": "182",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG00-2JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG00-2JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2)",
"product_id": "183",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4GG10-2JR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear) (6GK5324-4GG10-2JR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)",
"product_id": "184",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2)",
"product_id": "185",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG10-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (230V, ports on front) (6GK5324-4QG10-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)",
"product_id": "186",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG00-3HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG00-3HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2)",
"product_id": "187",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG10-3HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (230V, ports on rear) (6GK5324-4QG10-3HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)",
"product_id": "188",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG00-1AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG00-1AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2)",
"product_id": "189",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG10-1AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (24V, ports on front) (6GK5324-4QG10-1AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)",
"product_id": "190",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG00-1HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG00-1HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2)",
"product_id": "191",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG10-1HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE (24V, ports on rear) (6GK5324-4QG10-1HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)",
"product_id": "192",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG00-1CR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG00-1CR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2)",
"product_id": "193",
"product_identification_helper": {
"model_numbers": [
"6GK5324-4QG10-1CR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324-4M PoE TS (24V, ports on front) (6GK5324-4QG10-1CR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3)",
"product_id": "194",
"product_identification_helper": {
"model_numbers": [
"6GK5334-2TS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3)",
"product_id": "195",
"product_identification_helper": {
"model_numbers": [
"6GK5334-2TS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3)",
"product_id": "196",
"product_identification_helper": {
"model_numbers": [
"6GK5334-2TS00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)",
"product_id": "197",
"product_identification_helper": {
"model_numbers": [
"6GK5334-2TS00-2ER3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3)",
"product_id": "198",
"product_identification_helper": {
"model_numbers": [
"6GK5534-5TR00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3)",
"product_id": "199",
"product_identification_helper": {
"model_numbers": [
"6GK5534-5TR00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3)",
"product_id": "200",
"product_identification_helper": {
"model_numbers": [
"6GK5534-5TR00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3)",
"product_id": "201",
"product_identification_helper": {
"model_numbers": [
"6GK5534-3TR00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3)",
"product_id": "202",
"product_identification_helper": {
"model_numbers": [
"6GK5534-3TR00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3)",
"product_id": "203",
"product_identification_helper": {
"model_numbers": [
"6GK5534-3TR00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-2AR3)",
"product_id": "204",
"product_identification_helper": {
"model_numbers": [
"6GK5532-2SR00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-2RR3)",
"product_id": "205",
"product_identification_helper": {
"model_numbers": [
"6GK5532-2SR00-2RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-2RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-3AR3)",
"product_id": "206",
"product_identification_helper": {
"model_numbers": [
"6GK5532-2SR00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-3RR3)",
"product_id": "207",
"product_identification_helper": {
"model_numbers": [
"6GK5532-2SR00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8WG (6GK5532-2SR00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3)",
"product_id": "208",
"product_identification_helper": {
"model_numbers": [
"6GK5534-2TR00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3)",
"product_id": "209",
"product_identification_helper": {
"model_numbers": [
"6GK5534-2TR00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3)",
"product_id": "210",
"product_identification_helper": {
"model_numbers": [
"6GK5534-2TR00-4AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Shopfloor IT Suite",
"product_id": "211"
}
}
],
"category": "product_name",
"name": "Shopfloor IT Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=4.0.700",
"product": {
"name": "SIDIS Prime",
"product_id": "212"
}
}
],
"category": "product_name",
"name": "SIDIS Prime"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Siemens OPC UA Modelling Editor (SiOME)",
"product_id": "213"
}
}
],
"category": "product_name",
"name": "Siemens OPC UA Modelling Editor (SiOME)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC Comfort/Mobile RT",
"product_id": "214"
}
}
],
"category": "product_name",
"name": "SIMATIC Comfort/Mobile RT"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8)",
"product_id": "215",
"product_identification_helper": {
"model_numbers": [
"6DL5424-0AX00-0AV8"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8)",
"product_id": "216",
"product_identification_helper": {
"model_numbers": [
"6DL5424-0BX00-0AV8"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c17.0.9",
"product": {
"name": "SIMATIC HMI Basic Panels",
"product_id": "217"
}
}
],
"category": "product_name",
"name": "SIMATIC HMI Basic Panels"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c17.0.9",
"product": {
"name": "SIMATIC HMI Comfort Panels",
"product_id": "218"
}
}
],
"category": "product_name",
"name": "SIMATIC HMI Comfort Panels"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c17.0.9",
"product": {
"name": "SIMATIC HMI Mobile Panels",
"product_id": "219"
}
}
],
"category": "product_name",
"name": "SIMATIC HMI Mobile Panels"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IOT2050 (6ES7647-0BA00-1YA2)",
"product_id": "220",
"product_identification_helper": {
"model_numbers": [
"6ES7647-0BA00-1YA2"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC IOT2050 (6ES7647-0BA00-1YA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC BX-21A",
"product_id": "221"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-21A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC MD-57A",
"product_id": "222"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC MD-57A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC ORCLA",
"product_id": "223"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC ORCLA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV530 H (6GF3530-0GE10)",
"product_id": "224",
"product_identification_helper": {
"model_numbers": [
"6GF3530-0GE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV530 H (6GF3530-0GE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV530 S (6GF3530-0CD10)",
"product_id": "225",
"product_identification_helper": {
"model_numbers": [
"6GF3530-0CD10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV530 S (6GF3530-0CD10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV540 H (6GF3540-0GE10)",
"product_id": "226",
"product_identification_helper": {
"model_numbers": [
"6GF3540-0GE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV540 H (6GF3540-0GE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV540 H CRANES (6GF3540-0GE30)",
"product_id": "227",
"product_identification_helper": {
"model_numbers": [
"6GF3540-0GE30"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV540 H CRANES (6GF3540-0GE30)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV540 S (6GF3540-0CD10)",
"product_id": "228",
"product_identification_helper": {
"model_numbers": [
"6GF3540-0CD10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV540 S (6GF3540-0CD10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV550 H (6GF3550-0GE10)",
"product_id": "229",
"product_identification_helper": {
"model_numbers": [
"6GF3550-0GE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV550 H (6GF3550-0GE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV550 S (6GF3550-0CD10)",
"product_id": "230",
"product_identification_helper": {
"model_numbers": [
"6GF3550-0CD10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV550 S (6GF3550-0CD10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV560 U (6GF3560-0LE10)",
"product_id": "231",
"product_identification_helper": {
"model_numbers": [
"6GF3560-0LE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV560 U (6GF3560-0LE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC MV560 X (6GF3560-0HE10)",
"product_id": "232",
"product_identification_helper": {
"model_numbers": [
"6GF3560-0HE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV560 X (6GF3560-0HE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC PDM V9.3",
"product_id": "233"
}
}
],
"category": "product_name",
"name": "SIMATIC PDM V9.3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA00)",
"product_id": "234",
"product_identification_helper": {
"model_numbers": [
"6GT2780-0DA00"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA00)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA10)",
"product_id": "235",
"product_identification_helper": {
"model_numbers": [
"6GT2780-0DA10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA20)",
"product_id": "236",
"product_identification_helper": {
"model_numbers": [
"6GT2780-0DA20"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA20)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA30)",
"product_id": "237",
"product_identification_helper": {
"model_numbers": [
"6GT2780-0DA30"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-0DA30)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA10)",
"product_id": "238",
"product_identification_helper": {
"model_numbers": [
"6GT2780-1EA10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA20)",
"product_id": "239",
"product_identification_helper": {
"model_numbers": [
"6GT2780-1EA20"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA20)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA30)",
"product_id": "240",
"product_identification_helper": {
"model_numbers": [
"6GT2780-1EA30"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC RTLS Locating Manager (6GT2780-1EA30)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c5.7.4",
"product": {
"name": "SIMATIC STEP 7 V5",
"product_id": "241"
}
}
],
"category": "product_name",
"name": "SIMATIC STEP 7 V5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC Target",
"product_id": "242"
}
}
],
"category": "product_name",
"name": "SIMATIC Target"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.19.024",
"product": {
"name": "SIMATIC WinCC OA V3.19",
"product_id": "243"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC OA V3.19"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.20.012",
"product": {
"name": "SIMATIC WinCC OA V3.20",
"product_id": "244"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC OA V3.20"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.21.02",
"product": {
"name": "SIMATIC WinCC OA V3.21",
"product_id": "245"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC OA V3.21"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c17.0.9",
"product": {
"name": "SIMATIC WinCC Runtime Advanced V17",
"product_id": "246"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC Runtime Advanced V17"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c21",
"product": {
"name": "SIMATIC WinCC Unified Sequence",
"product_id": "247"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC Unified Sequence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC WinCC V7.5",
"product_id": "248"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC V7.5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC WinCC V8.0",
"product_id": "249"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC V8.0"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC WinCC V8.1",
"product_id": "250"
}
}
],
"category": "product_name",
"name": "SIMATIC WinCC V8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOTION OACAMGEN (6AU1820-3EA20-0AB0)",
"product_id": "251",
"product_identification_helper": {
"model_numbers": [
"6AU1820-3EA20-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMOTION OACAMGEN (6AU1820-3EA20-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOVE Fleetmanager V3.1",
"product_id": "252"
}
}
],
"category": "product_name",
"name": "SIMOVE Fleetmanager V3.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOVE Fleetmanager V3.2",
"product_id": "253"
}
}
],
"category": "product_name",
"name": "SIMOVE Fleetmanager V3.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOVE Fleetmanager V3.3",
"product_id": "254"
}
}
],
"category": "product_name",
"name": "SIMOVE Fleetmanager V3.3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=6.3",
"product": {
"name": "SINAMICS G200",
"product_id": "255"
}
}
],
"category": "product_name",
"name": "SINAMICS G200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=6.3",
"product": {
"name": "SINAMICS G220",
"product_id": "256"
}
}
],
"category": "product_name",
"name": "SINAMICS G220"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=6.3",
"product": {
"name": "SINAMICS S200",
"product_id": "257"
}
}
],
"category": "product_name",
"name": "SINAMICS S200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=6.3",
"product": {
"name": "SINAMICS S210",
"product_id": "258"
}
}
],
"category": "product_name",
"name": "SINAMICS S210"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=6.3",
"product": {
"name": "SINAMICS S220",
"product_id": "259"
}
}
],
"category": "product_name",
"name": "SINAMICS S220"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.0.2.5",
"product": {
"name": "SINEC INS",
"product_id": "260"
}
}
],
"category": "product_name",
"name": "SINEC INS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SINEC NMS",
"product_id": "261"
}
}
],
"category": "product_name",
"name": "SINEC NMS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SINEC Security Monitor",
"product_id": "262"
}
}
],
"category": "product_name",
"name": "SINEC Security Monitor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SINUMERIK Access MyMachine /OPC UA",
"product_id": "263"
}
}
],
"category": "product_name",
"name": "SINUMERIK Access MyMachine /OPC UA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIPLANT",
"product_id": "264"
}
}
],
"category": "product_name",
"name": "SIPLANT"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3)",
"product_id": "265",
"product_identification_helper": {
"model_numbers": [
"6AG1202-2BH00-2BA3"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)",
"product_id": "266",
"product_identification_helper": {
"model_numbers": [
"6AG1308-2FL10-4AA3"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SITRANS ASM IQ",
"product_id": "267"
}
}
],
"category": "product_name",
"name": "SITRANS ASM IQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)",
"product_id": "268"
}
}
],
"category": "product_name",
"name": "SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c2.15.3.0",
"product": {
"name": "User Management Component (UMC)",
"product_id": "269"
}
}
],
"category": "product_name",
"name": "User Management Component (UMC)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Visual Inspection Cockpit",
"product_id": "270"
}
}
],
"category": "product_name",
"name": "Visual Inspection Cockpit"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously\r\ncrafted AEAD parameters can trigger a stack buffer overflow.\r\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\r\nof Service, or potentially remote code execution.\r\n\r\nWhen parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as\r\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\r\ncopied into a fixed-size stack buffer without verifying that its length fits\r\nthe destination. An attacker can supply a crafted CMS message with an\r\noversized IV, causing a stack-based out-of-bounds write before any\r\nauthentication or tag verification occurs.\r\n\r\nApplications and services that parse untrusted CMS or PKCS#7 content using\r\nAEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable.\r\nBecause the overflow occurs prior to authentication, no valid key material\r\nis required to trigger it. While exploitability to remote code execution\r\ndepends on platform and toolchain mitigations, the stack-based write\r\nprimitive represents a severe risk.\r\n\r\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\r\nissue, as the CMS implementation is outside the OpenSSL FIPS module\r\nboundary.\r\n\r\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\r\n\r\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"212",
"213",
"214",
"215",
"216",
"217",
"218",
"219",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"241",
"242",
"243",
"244",
"245",
"246",
"247",
"248",
"249",
"250",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"260",
"261",
"262",
"263",
"264",
"265",
"266",
"267",
"268",
"269",
"270"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As a defense-in-depth measure, organizations may review whether affected systems are exposed to untrusted CMS/PKCS#7 content from external sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"212",
"213",
"214",
"215",
"216",
"217",
"218",
"219",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"241",
"242",
"243",
"244",
"245",
"246",
"247",
"248",
"249",
"250",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"260",
"261",
"262",
"263",
"264",
"265",
"266",
"267",
"268",
"269",
"270"
]
},
{
"category": "mitigation",
"details": "Do not accept files from untrusted and unvalidated sources in the affected applications",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"212",
"213",
"214",
"215",
"216",
"217",
"218",
"219",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"241",
"242",
"243",
"244",
"245",
"246",
"247",
"248",
"249",
"250",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"260",
"261",
"262",
"263",
"264",
"265",
"266",
"267",
"268",
"269",
"270"
]
},
{
"category": "mitigation",
"details": "Restrict the port at the host with the DeviceConnectionProxy to secure destinations",
"product_ids": [
"234",
"235",
"236",
"237",
"238",
"239",
"240"
]
},
{
"category": "mitigation",
"details": "Securing the connected email server as follows:\n\n\u2022 Configure the email server to enforce encrypted communication (TLS/SSL) for all SMTP connections.\n\n\u2022 Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists).\n\n\u2022 Ensure strong authentication to access the email server.\n\n\u2022 Keep the email server software and underlying operating system up to date with the latest security patches.",
"product_ids": [
"234"
]
},
{
"category": "mitigation",
"details": "Securing the connected email server as follows:\n\n\u2022 Configure the email server to enforce encrypted communication (TLS/SSL) for all SMTP connections.\n\n\u2022 Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists).\n\n\u2022 Ensure strong authentication to access the email server.\n\n\u2022 Keep the email server software and underlying operating system up to date with the latest security patches.",
"product_ids": [
"235",
"236",
"237",
"238",
"239",
"240"
]
},
{
"category": "mitigation",
"details": "The hardening instructions mentioned in the products security concept should be followed",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"212",
"213",
"214",
"215",
"216",
"217",
"218",
"219",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"241",
"242",
"243",
"244",
"245",
"246",
"247",
"248",
"249",
"250",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"260",
"261",
"262",
"263",
"264",
"265",
"266",
"267",
"268",
"269",
"270"
]
},
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"8",
"9",
"248",
"249",
"250"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"4",
"5",
"6",
"7",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"213",
"214",
"215",
"216",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"242",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"261",
"262",
"263",
"265",
"266",
"267",
"268",
"270"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.0 SP2 Update 5 or later version",
"product_ids": [
"260"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109999722/"
},
{
"category": "vendor_fix",
"details": "Update to V1.8.0 or later version",
"product_ids": [
"2"
],
"url": "https://docs.eu1.edge.siemens.cloud/release_notes/scope_of_delivery/scope_of_delivery.html"
},
{
"category": "vendor_fix",
"details": "Update to V17.9 or later version",
"product_ids": [
"217",
"218"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825750/"
},
{
"category": "vendor_fix",
"details": "Update to V17 Update 9 or later version",
"product_ids": [
"246"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109800912/"
},
{
"category": "vendor_fix",
"details": "Update to V17 Update 9 or later version",
"product_ids": [
"219"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825750/"
},
{
"category": "vendor_fix",
"details": "Update to V2.15.3.0 or later version",
"product_ids": [
"269"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/110000730/"
},
{
"category": "vendor_fix",
"details": "Update to V21 or later version",
"product_ids": [
"247"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996963/"
},
{
"category": "vendor_fix",
"details": "Update to V3.19 P024 or later version",
"product_ids": [
"243"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/110000400/"
},
{
"category": "vendor_fix",
"details": "Update to V3.20 P012 or later version",
"product_ids": [
"244"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/110000657/"
},
{
"category": "vendor_fix",
"details": "Update to V3.21 P02 or later version",
"product_ids": [
"245"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/110000985/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3.2 or later version",
"product_ids": [
"3"
],
"url": "https://docs.eu1.edge.siemens.cloud/release_notes/scope_of_delivery/scope_of_delivery.html"
},
{
"category": "vendor_fix",
"details": "Update to V5.7 SP4 or later version",
"product_ids": [
"241"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109991080/"
},
{
"category": "vendor_fix",
"details": "Contact customer support siplant-support.de@siemens.com",
"product_ids": [
"264"
]
},
{
"category": "vendor_fix",
"details": "Contact customer support",
"product_ids": [
"212"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68",
"69",
"70",
"71",
"72",
"73",
"74",
"75",
"76",
"77",
"78",
"79",
"80",
"81",
"82",
"83",
"84",
"85",
"86",
"87",
"88",
"89",
"90",
"91",
"92",
"93",
"94",
"95",
"96",
"97",
"98",
"99",
"100",
"101",
"102",
"103",
"104",
"105",
"106",
"107",
"108",
"109",
"110",
"111",
"112",
"113",
"114",
"115",
"116",
"117",
"118",
"119",
"120",
"121",
"122",
"123",
"124",
"125",
"126",
"127",
"128",
"129",
"130",
"131",
"132",
"133",
"134",
"135",
"136",
"137",
"138",
"139",
"140",
"141",
"142",
"143",
"144",
"145",
"146",
"147",
"148",
"149",
"150",
"151",
"152",
"153",
"154",
"155",
"156",
"157",
"158",
"159",
"160",
"161",
"162",
"163",
"164",
"165",
"166",
"167",
"168",
"169",
"170",
"171",
"172",
"173",
"174",
"175",
"176",
"177",
"178",
"179",
"180",
"181",
"182",
"183",
"184",
"185",
"186",
"187",
"188",
"189",
"190",
"191",
"192",
"193",
"194",
"195",
"196",
"197",
"198",
"199",
"200",
"201",
"202",
"203",
"204",
"205",
"206",
"207",
"208",
"209",
"210",
"211",
"212",
"213",
"214",
"215",
"216",
"217",
"218",
"219",
"220",
"221",
"222",
"223",
"224",
"225",
"226",
"227",
"228",
"229",
"230",
"231",
"232",
"233",
"234",
"235",
"236",
"237",
"238",
"239",
"240",
"241",
"242",
"243",
"244",
"245",
"246",
"247",
"248",
"249",
"250",
"251",
"252",
"253",
"254",
"255",
"256",
"257",
"258",
"259",
"260",
"261",
"262",
"263",
"264",
"265",
"266",
"267",
"268",
"269",
"270"
]
}
],
"title": "CVE-2025-15467"
}
]
}
SUSE-SU-2026:0309-1
Vulnerability from csaf_suse - Published: 2026-01-28 09:36 - Updated: 2026-01-28 09:36| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).\n - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).\n - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).\n - CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).\n - CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).\n - CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).\n - CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).\n - CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-309,SUSE-SLE-Module-Basesystem-15-SP7-2026-309",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0309-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0309-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260309-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0309-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023936.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256830",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "self",
"summary": "SUSE Bug 1256834",
"url": "https://bugzilla.suse.com/1256834"
},
{
"category": "self",
"summary": "SUSE Bug 1256835",
"url": "https://bugzilla.suse.com/1256835"
},
{
"category": "self",
"summary": "SUSE Bug 1256836",
"url": "https://bugzilla.suse.com/1256836"
},
{
"category": "self",
"summary": "SUSE Bug 1256837",
"url": "https://bugzilla.suse.com/1256837"
},
{
"category": "self",
"summary": "SUSE Bug 1256838",
"url": "https://bugzilla.suse.com/1256838"
},
{
"category": "self",
"summary": "SUSE Bug 1256839",
"url": "https://bugzilla.suse.com/1256839"
},
{
"category": "self",
"summary": "SUSE Bug 1256840",
"url": "https://bugzilla.suse.com/1256840"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69420 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69421 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22795 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22796 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22796/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-01-28T09:36:37Z",
"generator": {
"date": "2026-01-28T09:36:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0309-1",
"initial_release_date": "2026-01-28T09:36:37Z",
"revision_history": [
{
"date": "2026-01-28T09:36:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"product_id": "libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.2.3-150700.5.24.1.aarch64",
"product": {
"name": "libopenssl3-3.2.3-150700.5.24.1.aarch64",
"product_id": "libopenssl3-3.2.3-150700.5.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.2.3-150700.5.24.1.aarch64",
"product": {
"name": "openssl-3-3.2.3-150700.5.24.1.aarch64",
"product_id": "openssl-3-3.2.3-150700.5.24.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.2.3-150700.5.24.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-fips-provider-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product_id": "libopenssl-3-fips-provider-64bit-3.2.3-150700.5.24.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.2.3-150700.5.24.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.2.3-150700.5.24.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.i586",
"product": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.i586",
"product_id": "libopenssl-3-devel-3.2.3-150700.5.24.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.i586",
"product": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.i586",
"product_id": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.2.3-150700.5.24.1.i586",
"product": {
"name": "libopenssl3-3.2.3-150700.5.24.1.i586",
"product_id": "libopenssl3-3.2.3-150700.5.24.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.2.3-150700.5.24.1.i586",
"product": {
"name": "openssl-3-3.2.3-150700.5.24.1.i586",
"product_id": "openssl-3-3.2.3-150700.5.24.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.2.3-150700.5.24.1.noarch",
"product": {
"name": "openssl-3-doc-3.2.3-150700.5.24.1.noarch",
"product_id": "openssl-3-doc-3.2.3-150700.5.24.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"product_id": "libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"product": {
"name": "libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"product_id": "libopenssl3-3.2.3-150700.5.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.2.3-150700.5.24.1.ppc64le",
"product": {
"name": "openssl-3-3.2.3-150700.5.24.1.ppc64le",
"product_id": "openssl-3-3.2.3-150700.5.24.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"product_id": "libopenssl-3-devel-3.2.3-150700.5.24.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.2.3-150700.5.24.1.s390x",
"product": {
"name": "libopenssl3-3.2.3-150700.5.24.1.s390x",
"product_id": "libopenssl3-3.2.3-150700.5.24.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.2.3-150700.5.24.1.s390x",
"product": {
"name": "openssl-3-3.2.3-150700.5.24.1.s390x",
"product_id": "openssl-3-3.2.3-150700.5.24.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl3-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl3-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"product_id": "libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.2.3-150700.5.24.1.x86_64",
"product": {
"name": "openssl-3-3.2.3-150700.5.24.1.x86_64",
"product_id": "openssl-3-3.2.3-150700.5.24.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.2.3-150700.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64"
},
"product_reference": "libopenssl3-3.2.3-150700.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.2.3-150700.5.24.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le"
},
"product_reference": "libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.2.3-150700.5.24.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x"
},
"product_reference": "libopenssl3-3.2.3-150700.5.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "libopenssl3-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.2.3-150700.5.24.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64"
},
"product_reference": "openssl-3-3.2.3-150700.5.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.2.3-150700.5.24.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le"
},
"product_reference": "openssl-3-3.2.3-150700.5.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.2.3-150700.5.24.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x"
},
"product_reference": "openssl-3-3.2.3-150700.5.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.2.3-150700.5.24.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
},
"product_reference": "openssl-3-3.2.3-150700.5.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously\ncrafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-68160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68160"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68160",
"url": "https://www.suse.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "SUSE Bug 1256834 for CVE-2025-68160",
"url": "https://bugzilla.suse.com/1256834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-68160"
},
{
"cve": "CVE-2025-69418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69418"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69418",
"url": "https://www.suse.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "SUSE Bug 1256835 for CVE-2025-69418",
"url": "https://bugzilla.suse.com/1256835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-69418"
},
{
"cve": "CVE-2025-69419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69419"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69419",
"url": "https://www.suse.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "SUSE Bug 1256836 for CVE-2025-69419",
"url": "https://bugzilla.suse.com/1256836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-69419"
},
{
"cve": "CVE-2025-69420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69420"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69420",
"url": "https://www.suse.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "SUSE Bug 1256837 for CVE-2025-69420",
"url": "https://bugzilla.suse.com/1256837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-69420"
},
{
"cve": "CVE-2025-69421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69421"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69421",
"url": "https://www.suse.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "SUSE Bug 1256838 for CVE-2025-69421",
"url": "https://bugzilla.suse.com/1256838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-69421"
},
{
"cve": "CVE-2026-22795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22795"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22795",
"url": "https://www.suse.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "SUSE Bug 1256839 for CVE-2026-22795",
"url": "https://bugzilla.suse.com/1256839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2026-22795"
},
{
"cve": "CVE-2026-22796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22796"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22796",
"url": "https://www.suse.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "SUSE Bug 1256840 for CVE-2026-22796",
"url": "https://bugzilla.suse.com/1256840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-devel-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl-3-fips-provider-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenssl3-32bit-3.2.3-150700.5.24.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:openssl-3-3.2.3-150700.5.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:36:37Z",
"details": "moderate"
}
],
"title": "CVE-2026-22796"
}
]
}
SUSE-SU-2026:0310-1
Vulnerability from csaf_suse - Published: 2026-01-28 09:37 - Updated: 2026-01-28 09:37| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).\n - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).\n - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).\n - CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).\n - CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).\n - CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).\n - CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).\n - CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-310,SUSE-SLE-Micro-5.3-2026-310,SUSE-SLE-Micro-5.4-2026-310,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-310,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-310,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-310,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-310",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0310-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0310-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260310-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0310-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023935.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256830",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "self",
"summary": "SUSE Bug 1256834",
"url": "https://bugzilla.suse.com/1256834"
},
{
"category": "self",
"summary": "SUSE Bug 1256835",
"url": "https://bugzilla.suse.com/1256835"
},
{
"category": "self",
"summary": "SUSE Bug 1256836",
"url": "https://bugzilla.suse.com/1256836"
},
{
"category": "self",
"summary": "SUSE Bug 1256837",
"url": "https://bugzilla.suse.com/1256837"
},
{
"category": "self",
"summary": "SUSE Bug 1256838",
"url": "https://bugzilla.suse.com/1256838"
},
{
"category": "self",
"summary": "SUSE Bug 1256839",
"url": "https://bugzilla.suse.com/1256839"
},
{
"category": "self",
"summary": "SUSE Bug 1256840",
"url": "https://bugzilla.suse.com/1256840"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69420 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69421 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22795 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22796 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22796/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-01-28T09:37:26Z",
"generator": {
"date": "2026-01-28T09:37:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0310-1",
"initial_release_date": "2026-01-28T09:37:26Z",
"revision_history": [
{
"date": "2026-01-28T09:37:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"product_id": "libopenssl3-3.0.8-150400.4.78.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.78.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-150400.4.78.1.aarch64",
"product_id": "openssl-3-3.0.8-150400.4.78.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.8-150400.4.78.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.8-150400.4.78.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.8-150400.4.78.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.8-150400.4.78.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.8-150400.4.78.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.8-150400.4.78.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.i586",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.78.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.78.1.i586",
"product": {
"name": "libopenssl3-3.0.8-150400.4.78.1.i586",
"product_id": "libopenssl3-3.0.8-150400.4.78.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.78.1.i586",
"product": {
"name": "openssl-3-3.0.8-150400.4.78.1.i586",
"product_id": "openssl-3-3.0.8-150400.4.78.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-150400.4.78.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.8-150400.4.78.1.noarch",
"product_id": "openssl-3-doc-3.0.8-150400.4.78.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"product_id": "libopenssl3-3.0.8-150400.4.78.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.78.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-150400.4.78.1.ppc64le",
"product_id": "openssl-3-3.0.8-150400.4.78.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.78.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.78.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-150400.4.78.1.s390x",
"product_id": "libopenssl3-3.0.8-150400.4.78.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.78.1.s390x",
"product": {
"name": "openssl-3-3.0.8-150400.4.78.1.s390x",
"product_id": "openssl-3-3.0.8-150400.4.78.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-150400.4.78.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-150400.4.78.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-150400.4.78.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"product_id": "libopenssl3-3.0.8-150400.4.78.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-150400.4.78.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-150400.4.78.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-150400.4.78.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"product_id": "openssl-3-3.0.8-150400.4.78.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.78.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.78.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "external",
"summary": "SUSE Bug 1256876 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-68160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68160"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68160",
"url": "https://www.suse.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "SUSE Bug 1256834 for CVE-2025-68160",
"url": "https://bugzilla.suse.com/1256834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-68160"
},
{
"cve": "CVE-2025-69418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69418"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69418",
"url": "https://www.suse.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "SUSE Bug 1256835 for CVE-2025-69418",
"url": "https://bugzilla.suse.com/1256835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-69418"
},
{
"cve": "CVE-2025-69419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69419"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69419",
"url": "https://www.suse.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "SUSE Bug 1256836 for CVE-2025-69419",
"url": "https://bugzilla.suse.com/1256836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-69419"
},
{
"cve": "CVE-2025-69420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69420"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69420",
"url": "https://www.suse.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "SUSE Bug 1256837 for CVE-2025-69420",
"url": "https://bugzilla.suse.com/1256837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-69420"
},
{
"cve": "CVE-2025-69421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69421"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69421",
"url": "https://www.suse.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "SUSE Bug 1256838 for CVE-2025-69421",
"url": "https://bugzilla.suse.com/1256838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-69421"
},
{
"cve": "CVE-2026-22795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22795"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22795",
"url": "https://www.suse.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "SUSE Bug 1256839 for CVE-2026-22795",
"url": "https://bugzilla.suse.com/1256839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-22795"
},
{
"cve": "CVE-2026-22796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22796"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22796",
"url": "https://www.suse.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "SUSE Bug 1256840 for CVE-2026-22796",
"url": "https://bugzilla.suse.com/1256840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.78.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.78.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-22796"
}
]
}
SUSE-SU-2026:0311-1
Vulnerability from csaf_suse - Published: 2026-01-28 09:37 - Updated: 2026-01-28 09:37| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).\n - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).\n - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).\n - CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).\n - CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).\n - CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).\n - CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).\n - CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-311,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-311,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-311,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-311,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-311",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0311-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0311-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260311-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0311-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023934.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256830",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "self",
"summary": "SUSE Bug 1256834",
"url": "https://bugzilla.suse.com/1256834"
},
{
"category": "self",
"summary": "SUSE Bug 1256835",
"url": "https://bugzilla.suse.com/1256835"
},
{
"category": "self",
"summary": "SUSE Bug 1256836",
"url": "https://bugzilla.suse.com/1256836"
},
{
"category": "self",
"summary": "SUSE Bug 1256837",
"url": "https://bugzilla.suse.com/1256837"
},
{
"category": "self",
"summary": "SUSE Bug 1256838",
"url": "https://bugzilla.suse.com/1256838"
},
{
"category": "self",
"summary": "SUSE Bug 1256839",
"url": "https://bugzilla.suse.com/1256839"
},
{
"category": "self",
"summary": "SUSE Bug 1256840",
"url": "https://bugzilla.suse.com/1256840"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69420 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69421 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22795 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22796 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22796/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-01-28T09:37:48Z",
"generator": {
"date": "2026-01-28T09:37:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0311-1",
"initial_release_date": "2026-01-28T09:37:48Z",
"revision_history": [
{
"date": "2026-01-28T09:37:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.57.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.57.1.aarch64",
"product_id": "libopenssl3-3.0.8-150500.5.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.57.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-150500.5.57.1.aarch64",
"product_id": "openssl-3-3.0.8-150500.5.57.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.57.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.57.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.8-150500.5.57.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.8-150500.5.57.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.8-150500.5.57.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.8-150500.5.57.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.i586",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.57.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.57.1.i586",
"product": {
"name": "libopenssl3-3.0.8-150500.5.57.1.i586",
"product_id": "libopenssl3-3.0.8-150500.5.57.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.57.1.i586",
"product": {
"name": "openssl-3-3.0.8-150500.5.57.1.i586",
"product_id": "openssl-3-3.0.8-150500.5.57.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-150500.5.57.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.8-150500.5.57.1.noarch",
"product_id": "openssl-3-doc-3.0.8-150500.5.57.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"product_id": "libopenssl3-3.0.8-150500.5.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.57.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-150500.5.57.1.ppc64le",
"product_id": "openssl-3-3.0.8-150500.5.57.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.57.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.57.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-150500.5.57.1.s390x",
"product_id": "libopenssl3-3.0.8-150500.5.57.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.57.1.s390x",
"product": {
"name": "openssl-3-3.0.8-150500.5.57.1.s390x",
"product_id": "openssl-3-3.0.8-150500.5.57.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.57.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.57.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-150500.5.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"product_id": "libopenssl3-3.0.8-150500.5.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-150500.5.57.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-150500.5.57.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-150500.5.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"product_id": "openssl-3-3.0.8-150500.5.57.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously\ncrafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-68160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68160"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68160",
"url": "https://www.suse.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "SUSE Bug 1256834 for CVE-2025-68160",
"url": "https://bugzilla.suse.com/1256834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-68160"
},
{
"cve": "CVE-2025-69418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69418"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69418",
"url": "https://www.suse.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "SUSE Bug 1256835 for CVE-2025-69418",
"url": "https://bugzilla.suse.com/1256835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-69418"
},
{
"cve": "CVE-2025-69419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69419"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69419",
"url": "https://www.suse.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "SUSE Bug 1256836 for CVE-2025-69419",
"url": "https://bugzilla.suse.com/1256836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-69419"
},
{
"cve": "CVE-2025-69420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69420"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69420",
"url": "https://www.suse.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "SUSE Bug 1256837 for CVE-2025-69420",
"url": "https://bugzilla.suse.com/1256837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-69420"
},
{
"cve": "CVE-2025-69421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69421"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69421",
"url": "https://www.suse.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "SUSE Bug 1256838 for CVE-2025-69421",
"url": "https://bugzilla.suse.com/1256838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-69421"
},
{
"cve": "CVE-2026-22795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22795"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22795",
"url": "https://www.suse.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "SUSE Bug 1256839 for CVE-2026-22795",
"url": "https://bugzilla.suse.com/1256839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2026-22795"
},
{
"cve": "CVE-2026-22796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22796"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22796",
"url": "https://www.suse.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "SUSE Bug 1256840 for CVE-2026-22796",
"url": "https://bugzilla.suse.com/1256840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-28T09:37:48Z",
"details": "moderate"
}
],
"title": "CVE-2026-22796"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.