Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-9230 (GCVE-0-2025-9230)
Vulnerability from cvelistv5 – Published: 2025-09-30 13:17 – Updated: 2026-06-02 12:59| Vendor | Product | Version | |
|---|---|---|---|
| OpenSSL | OpenSSL |
Affected:
3.5.0 , < 3.5.4
(semver)
Affected: 3.4.0 , < 3.4.3 (semver) Affected: 3.3.0 , < 3.3.5 (semver) Affected: 3.2.0 , < 3.2.6 (semver) Affected: 3.0.0 , < 3.0.18 (semver) Affected: 1.1.1 , < 1.1.1zd (custom) Affected: 1.0.2 , < 1.0.2zm (custom) |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V4.0
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XCH328 |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XCM324 |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XCM328 |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XCM332 |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRH334 (24 V DC, 8xFO, CC) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (230 V AC, 12xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (230 V AC, 8xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (24 V DC, 12xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (24 V DC, 8xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (2x230 V AC, 12xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (2x230 V AC, 8xFO) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) |
Affected:
0 , < V3.3
(custom)
|
|
| Siemens | SIDIS Prime |
Affected:
0 , < V4.0.800
(custom)
|
|
| Siemens | SIMATIC CN 4100 |
Affected:
0 , < V5.0
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-9230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T19:30:08.302408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T19:30:29.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:15:17.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/30/5"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCH328",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM324",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM328",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM332",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRH334 (24 V DC, 8xFO, CC)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (230 V AC, 12xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (230 V AC, 8xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (24 V DC, 12xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (24 V DC, 8xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (2x230 V AC, 12xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (2x230 V AC, 8xFO)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIDIS Prime",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0.800",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CN 4100",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T12:59:47.999Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-089022.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.5.4",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.3",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.3.5",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThan": "3.2.6",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
},
{
"lessThan": "3.0.18",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1zd",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zm",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Stanislav Fort (Aisle Research)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Stanislav Fort (Aisle Research)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2025-09-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: An application trying to decrypt CMS messages encrypted using\u003cbr\u003epassword based encryption can trigger an out-of-bounds read and write.\u003cbr\u003e\u003cbr\u003eImpact summary: This out-of-bounds read may trigger a crash which leads to\u003cbr\u003eDenial of Service for an application. The out-of-bounds write can cause\u003cbr\u003ea memory corruption which can have various consequences including\u003cbr\u003ea Denial of Service or Execution of attacker-supplied code.\u003cbr\u003e\u003cbr\u003eAlthough the consequences of a successful exploit of this vulnerability\u003cbr\u003ecould be severe, the probability that the attacker would be able to\u003cbr\u003eperform it is low. Besides, password based (PWRI) encryption support in CMS\u003cbr\u003emessages is very rarely used. For that reason the issue was assessed as\u003cbr\u003eModerate severity according to our Security Policy.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\u003cbr\u003eissue, as the CMS implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary."
}
],
"value": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Moderate"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T13:17:00.808Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20250930.txt"
},
{
"name": "3.5.4 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482"
},
{
"name": "3.4.3 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280"
},
{
"name": "3.3.5 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45"
},
{
"name": "3.2.6 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd"
},
{
"name": "3.0.18 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def"
},
{
"name": "1.1.1zd git commit",
"tags": [
"patch"
],
"url": "https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba"
},
{
"name": "1.0.2zm git commit",
"tags": [
"patch"
],
"url": "https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2025-9230",
"datePublished": "2025-09-30T13:17:00.808Z",
"dateReserved": "2025-08-20T08:38:07.678Z",
"dateUpdated": "2026-06-02T12:59:47.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-9230",
"date": "2026-07-13",
"epss": "0.01744",
"percentile": "0.75149"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-9230\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2025-09-30T14:15:41.050\",\"lastModified\":\"2026-06-17T10:08:33.973\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: An application trying to decrypt CMS messages encrypted using\\npassword based encryption can trigger an out-of-bounds read and write.\\n\\nImpact summary: This out-of-bounds read may trigger a crash which leads to\\nDenial of Service for an application. The out-of-bounds write can cause\\na memory corruption which can have various consequences including\\na Denial of Service or Execution of attacker-supplied code.\\n\\nAlthough the consequences of a successful exploit of this vulnerability\\ncould be severe, the probability that the attacker would be able to\\nperform it is low. Besides, password based (PWRI) encryption support in CMS\\nmessages is very rarely used. For that reason the issue was assessed as\\nModerate severity according to our Security Policy.\\n\\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\\nissue, as the CMS implementation is outside the OpenSSL FIPS module\\nboundary.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: Una aplicaci\u00f3n que intenta descifrar mensajes CMS cifrados usando cifrado basado en contrase\u00f1a puede desencadenar una lectura y escritura fuera de l\u00edmites.\\n\\nResumen del impacto: Esta lectura fuera de l\u00edmites puede desencadenar un fallo que lleva a una Denegaci\u00f3n de Servicio para una aplicaci\u00f3n. La escritura fuera de l\u00edmites puede causar una corrupci\u00f3n de memoria que puede tener varias consecuencias, incluyendo una Denegaci\u00f3n de Servicio o la ejecuci\u00f3n de c\u00f3digo suministrado por el atacante.\\n\\nAunque las consecuencias de un exploit exitoso de esta vulnerabilidad podr\u00edan ser graves, la probabilidad de que el atacante pudiera realizarlo es baja. Adem\u00e1s, el soporte de cifrado basado en contrase\u00f1a (PWRI) en mensajes CMS se usa muy raramente. Por esa raz\u00f3n, el problema fue evaluado como de severidad Moderada seg\u00fan nuestra Pol\u00edtica de Seguridad.\\n\\nLos m\u00f3dulos FIPS en 3.5, 3.4, 3.3, 3.2, 3.1 y 3.0 no se ven afectados por este problema, ya que la implementaci\u00f3n de CMS est\u00e1 fuera del l\u00edmite del m\u00f3dulo FIPS de OpenSSL.\"}],\"affected\":[{\"source\":\"openssl-security@openssl.org\",\"affectedData\":[{\"vendor\":\"OpenSSL\",\"product\":\"OpenSSL\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"3.5.0\",\"lessThan\":\"3.5.4\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.4.0\",\"lessThan\":\"3.4.3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.3.0\",\"lessThan\":\"3.3.5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.2.0\",\"lessThan\":\"3.2.6\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.0.0\",\"lessThan\":\"3.0.18\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.1.1\",\"lessThan\":\"1.1.1zd\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"1.0.2\",\"lessThan\":\"1.0.2zm\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM RST2428P\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM RST2428P\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V4.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XCH328\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XCM324\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XCM328\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XCM332\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRH334 (24 V DC, 8xFO, CC)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (230 V AC, 12xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (230 V AC, 8xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (24 V DC, 12xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (24 V DC, 8xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (2x230 V AC, 12xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (2x230 V AC, 8xFO)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIDIS Prime\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V4.0.800\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC CN 4100\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V5.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-09-30T19:30:08.302408Z\",\"id\":\"CVE-2025-9230\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://openssl-library.org/news/secadv/20250930.txt\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/09/30/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-089022.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-485750.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-07-08T14:12:33+00:00",
"cve": "CVE-2025-9230",
"id": "CVE-2025-9230",
"initial_release_date": "2025-09-30T23:59:00+00:00",
"product_status:fixed": "632",
"product_status:known_affected": "18",
"product_status:known_not_affected": "250",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/09/30/5\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:15:17.295Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RST2428P\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RST2428P\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XCH328\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XCM324\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XCM328\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XCM332\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRH334 (24 V DC, 8xFO, CC)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (230 V AC, 12xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (230 V AC, 8xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (24 V DC, 12xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (24 V DC, 8xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (2x230 V AC, 12xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (2x230 V AC, 8xFO)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIDIS Prime\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.0.800\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC CN 4100\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V5.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-089022.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-485750.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-06-02T12:59:47.999Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-9230\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-30T19:30:08.302408Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-30T19:30:26.001Z\"}}], \"cna\": {\"title\": \"Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Stanislav Fort (Aisle Research)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Stanislav Fort (Aisle Research)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Viktor Dukhovni\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"Moderate\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.18\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.1.1\", \"lessThan\": \"1.1.1zd\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0.2\", \"lessThan\": \"1.0.2zm\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-09-30T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20250930.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482\", \"name\": \"3.5.4 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280\", \"name\": \"3.4.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45\", \"name\": \"3.3.5 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd\", \"name\": \"3.2.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def\", \"name\": \"3.0.18 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba\", \"name\": \"1.1.1zd git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3\", \"name\": \"1.0.2zm git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: An application trying to decrypt CMS messages encrypted using\\npassword based encryption can trigger an out-of-bounds read and write.\\n\\nImpact summary: This out-of-bounds read may trigger a crash which leads to\\nDenial of Service for an application. The out-of-bounds write can cause\\na memory corruption which can have various consequences including\\na Denial of Service or Execution of attacker-supplied code.\\n\\nAlthough the consequences of a successful exploit of this vulnerability\\ncould be severe, the probability that the attacker would be able to\\nperform it is low. Besides, password based (PWRI) encryption support in CMS\\nmessages is very rarely used. For that reason the issue was assessed as\\nModerate severity according to our Security Policy.\\n\\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\\nissue, as the CMS implementation is outside the OpenSSL FIPS module\\nboundary.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: An application trying to decrypt CMS messages encrypted using\u003cbr\u003epassword based encryption can trigger an out-of-bounds read and write.\u003cbr\u003e\u003cbr\u003eImpact summary: This out-of-bounds read may trigger a crash which leads to\u003cbr\u003eDenial of Service for an application. The out-of-bounds write can cause\u003cbr\u003ea memory corruption which can have various consequences including\u003cbr\u003ea Denial of Service or Execution of attacker-supplied code.\u003cbr\u003e\u003cbr\u003eAlthough the consequences of a successful exploit of this vulnerability\u003cbr\u003ecould be severe, the probability that the attacker would be able to\u003cbr\u003eperform it is low. Besides, password based (PWRI) encryption support in CMS\u003cbr\u003emessages is very rarely used. For that reason the issue was assessed as\u003cbr\u003eModerate severity according to our Security Policy.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\u003cbr\u003eissue, as the CMS implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2025-09-30T13:17:00.808Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-9230\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-02T12:59:47.999Z\", \"dateReserved\": \"2025-08-20T08:38:07.678Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2025-09-30T13:17:00.808Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2025:3917-1
Vulnerability from csaf_suse - Published: 2025-11-03 09:58 - Updated: 2025-11-03 09:58| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3-livepatches fixes the following issues:\n\n- livepatch for CVE-2025-9230: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap (bsc#1250410).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3917,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3917",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3917-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3917-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253917-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3917-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023142.html"
},
{
"category": "self",
"summary": "SUSE Bug 1250410",
"url": "https://bugzilla.suse.com/1250410"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9230/"
}
],
"title": "Security update for openssl-3-livepatches",
"tracking": {
"current_release_date": "2025-11-03T09:58:08Z",
"generator": {
"date": "2025-11-03T09:58:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3917-1",
"initial_release_date": "2025-11-03T09:58:08Z",
"revision_history": [
{
"date": "2025-11-03T09:58:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"product": {
"name": "openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"product_id": "openssl-3-livepatches-0.2-150700.16.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.2-150700.16.3.2.x86_64",
"product": {
"name": "openssl-3-livepatches-0.2-150700.16.3.2.x86_64",
"product_id": "openssl-3-livepatches-0.2-150700.16.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.2-150700.16.3.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.ppc64le"
},
"product_reference": "openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.2-150700.16.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.x86_64"
},
"product_reference": "openssl-3-livepatches-0.2-150700.16.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9230"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9230",
"url": "https://www.suse.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "SUSE Bug 1250232 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "external",
"summary": "SUSE Bug 1250410 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:openssl-3-livepatches-0.2-150700.16.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-03T09:58:08Z",
"details": "important"
}
],
"title": "CVE-2025-9230"
}
]
}
SUSE-SU-2025:4126-1
Vulnerability from csaf_suse - Published: 2025-11-18 09:42 - Updated: 2025-11-18 09:42| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_0_0",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_0_0 fixes the following issues:\n\n- CVE-2025-9230: Fixed out-of-bounds read \u0026 write in RFC 3211 KEK unwrap (bsc#1250232).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4126,SUSE-SLE-Module-Legacy-15-SP6-2025-4126,SUSE-SLE-Module-Legacy-15-SP7-2025-4126,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4126,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4126,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4126,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4126,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4126,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4126,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4126,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4126,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4126,SUSE-Storage-7.1-2025-4126,openSUSE-SLE-15.6-2025-4126",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4126-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4126-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254126-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4126-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023297.html"
},
{
"category": "self",
"summary": "SUSE Bug 1250232",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9230/"
}
],
"title": "Security update for openssl-1_0_0",
"tracking": {
"current_release_date": "2025-11-18T09:42:49Z",
"generator": {
"date": "2025-11-18T09:42:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4126-1",
"initial_release_date": "2025-11-18T09:42:49Z",
"revision_history": [
{
"date": "2025-11-18T09:42:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"product_id": "libopenssl10-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"product_id": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"product_id": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"product_id": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"product": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"product_id": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product": {
"name": "libopenssl-1_0_0-devel-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product_id": "libopenssl-1_0_0-devel-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_0_0-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product_id": "libopenssl1_0_0-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_0_0-hmac-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product_id": "libopenssl1_0_0-hmac-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_0_0-steam-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32",
"product_id": "libopenssl1_0_0-steam-64bit-1.0.2p-150000.3.97.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.i586",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl10-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.i586",
"product_id": "libopenssl10-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.i586",
"product_id": "libopenssl1_0_0-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.i586",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.i586",
"product_id": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.i586",
"product_id": "openssl-1_0_0-1.0.2p-150000.3.97.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.i586",
"product": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.i586",
"product_id": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch",
"product": {
"name": "openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch",
"product_id": "openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"product": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"product_id": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"product_id": "libopenssl10-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"product_id": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"product_id": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"product_id": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"product": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"product_id": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl10-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"product_id": "libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"product_id": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"product": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"product_id": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl10-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64"
},
"product_reference": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le"
},
"product_reference": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x"
},
"product_reference": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64"
},
"product_reference": "openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch"
},
"product_reference": "openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9230"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9230",
"url": "https://www.suse.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "SUSE Bug 1250232 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "external",
"summary": "SUSE Bug 1250410 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Enterprise Storage 7.1:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl10-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.aarch64",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.ppc64le",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.s390x",
"openSUSE Leap 15.6:openssl-1_0_0-cavs-1.0.2p-150000.3.97.1.x86_64",
"openSUSE Leap 15.6:openssl-1_0_0-doc-1.0.2p-150000.3.97.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T09:42:49Z",
"details": "important"
}
],
"title": "CVE-2025-9230"
}
]
}
SUSE-SU-2026:20542-1
Vulnerability from csaf_suse - Published: 2026-02-18 16:23 - Updated: 2026-02-18 16:23| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3-livepatches fixes the following issues:\n\n- CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).\n- CVE-2025-15467: Fixed stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).\n- CVE-2025-15468: Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).\n- CVE-2025-9230: Fixed out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap (bsc#1250410).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-298",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20542-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20542-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620542-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20542-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024594.html"
},
{
"category": "self",
"summary": "SUSE Bug 1250410",
"url": "https://bugzilla.suse.com/1250410"
},
{
"category": "self",
"summary": "SUSE Bug 1256876",
"url": "https://bugzilla.suse.com/1256876"
},
{
"category": "self",
"summary": "SUSE Bug 1256878",
"url": "https://bugzilla.suse.com/1256878"
},
{
"category": "self",
"summary": "SUSE Bug 1256880",
"url": "https://bugzilla.suse.com/1256880"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9230/"
}
],
"title": "Security update for openssl-3-livepatches",
"tracking": {
"current_release_date": "2026-02-18T16:23:27Z",
"generator": {
"date": "2026-02-18T16:23:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20542-1",
"initial_release_date": "2026-02-18T16:23:27Z",
"revision_history": [
{
"date": "2026-02-18T16:23:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"product": {
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"product_id": "openssl-3-livepatches-0.3-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"product": {
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"product_id": "openssl-3-livepatches-0.3-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11187"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation\nwhich can trigger a stack-based buffer overflow, invalid pointer or NULL\npointer dereference during MAC verification.\n\nImpact summary: The stack buffer overflow or NULL pointer dereference may\ncause a crash leading to Denial of Service for an application that parses\nuntrusted PKCS#12 files. The buffer overflow may also potentially enable\ncode execution depending on platform mitigations.\n\nWhen verifying a PKCS#12 file that uses PBMAC1 for the MAC, the PBKDF2\nsalt and keylength parameters from the file are used without validation.\nIf the value of keylength exceeds the size of the fixed stack buffer used\nfor the derived key (64 bytes), the key derivation will overflow the buffer.\nThe overflow length is attacker-controlled. Also, if the salt parameter is\nnot an OCTET STRING type this can lead to invalid or NULL pointer\ndereference.\n\nExploiting this issue requires a user or application to process\na maliciously crafted PKCS#12 file. It is uncommon to accept untrusted\nPKCS#12 files in applications as they are usually used to store private\nkeys which are trusted by definition. For this reason the issue was assessed\nas Moderate severity.\n\nThe FIPS modules in 3.6, 3.5 and 3.4 are not affected by this issue, as\nPKCS#12 processing is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5 and 3.4 are vulnerable to this issue.\n\nOpenSSL 3.3, 3.0, 1.1.1 and 1.0.2 are not affected by this issue as they do\nnot support PBMAC1 in PKCS#12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11187",
"url": "https://www.suse.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "SUSE Bug 1256829 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256829"
},
{
"category": "external",
"summary": "SUSE Bug 1256878 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-11187"
},
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "external",
"summary": "SUSE Bug 1256876 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15468"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: If an application using the SSL_CIPHER_find() function in\na QUIC protocol client or server receives an unknown cipher suite from\nthe peer, a NULL dereference occurs.\n\nImpact summary: A NULL pointer dereference leads to abnormal termination of\nthe running process causing Denial of Service.\n\nSome applications call SSL_CIPHER_find() from the client_hello_cb callback\non the cipher ID received from the peer. If this is done with an SSL object\nimplementing the QUIC protocol, NULL pointer dereference will happen if\nthe examined cipher ID is unknown or unsupported.\n\nAs it is not very common to call this function in applications using the QUIC \nprotocol and the worst outcome is Denial of Service, the issue was assessed\nas Low severity.\n\nThe vulnerable code was introduced in the 3.2 version with the addition\nof the QUIC protocol support.\n\nThe FIPS modules in 3.6, 3.5, 3.4 and 3.3 are not affected by this issue,\nas the QUIC implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4 and 3.3 are vulnerable to this issue.\n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15468",
"url": "https://www.suse.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1256831 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256831"
},
{
"category": "external",
"summary": "SUSE Bug 1256880 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-15468"
},
{
"cve": "CVE-2025-9230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9230"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9230",
"url": "https://www.suse.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "SUSE Bug 1250232 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "external",
"summary": "SUSE Bug 1250410 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-9230"
}
]
}
SUSE-SU-2026:20607-1
Vulnerability from csaf_suse - Published: 2026-02-18 16:23 - Updated: 2026-02-18 16:23| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3-livepatches fixes the following issues:\n\n- CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).\n- CVE-2025-15467: Fixed stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).\n- CVE-2025-15468: Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).\n- CVE-2025-9230: Fixed out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap (bsc#1250410).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-298",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20607-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20607-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620607-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20607-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024609.html"
},
{
"category": "self",
"summary": "SUSE Bug 1250410",
"url": "https://bugzilla.suse.com/1250410"
},
{
"category": "self",
"summary": "SUSE Bug 1256876",
"url": "https://bugzilla.suse.com/1256876"
},
{
"category": "self",
"summary": "SUSE Bug 1256878",
"url": "https://bugzilla.suse.com/1256878"
},
{
"category": "self",
"summary": "SUSE Bug 1256880",
"url": "https://bugzilla.suse.com/1256880"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9230/"
}
],
"title": "Security update for openssl-3-livepatches",
"tracking": {
"current_release_date": "2026-02-18T16:23:27Z",
"generator": {
"date": "2026-02-18T16:23:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20607-1",
"initial_release_date": "2026-02-18T16:23:27Z",
"revision_history": [
{
"date": "2026-02-18T16:23:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"product": {
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"product_id": "openssl-3-livepatches-0.3-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"product": {
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"product_id": "openssl-3-livepatches-0.3-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.3-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
},
"product_reference": "openssl-3-livepatches-0.3-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11187"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation\nwhich can trigger a stack-based buffer overflow, invalid pointer or NULL\npointer dereference during MAC verification.\n\nImpact summary: The stack buffer overflow or NULL pointer dereference may\ncause a crash leading to Denial of Service for an application that parses\nuntrusted PKCS#12 files. The buffer overflow may also potentially enable\ncode execution depending on platform mitigations.\n\nWhen verifying a PKCS#12 file that uses PBMAC1 for the MAC, the PBKDF2\nsalt and keylength parameters from the file are used without validation.\nIf the value of keylength exceeds the size of the fixed stack buffer used\nfor the derived key (64 bytes), the key derivation will overflow the buffer.\nThe overflow length is attacker-controlled. Also, if the salt parameter is\nnot an OCTET STRING type this can lead to invalid or NULL pointer\ndereference.\n\nExploiting this issue requires a user or application to process\na maliciously crafted PKCS#12 file. It is uncommon to accept untrusted\nPKCS#12 files in applications as they are usually used to store private\nkeys which are trusted by definition. For this reason the issue was assessed\nas Moderate severity.\n\nThe FIPS modules in 3.6, 3.5 and 3.4 are not affected by this issue, as\nPKCS#12 processing is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5 and 3.4 are vulnerable to this issue.\n\nOpenSSL 3.3, 3.0, 1.1.1 and 1.0.2 are not affected by this issue as they do\nnot support PBMAC1 in PKCS#12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11187",
"url": "https://www.suse.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "SUSE Bug 1256829 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256829"
},
{
"category": "external",
"summary": "SUSE Bug 1256878 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-11187"
},
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "external",
"summary": "SUSE Bug 1256876 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15468"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: If an application using the SSL_CIPHER_find() function in\na QUIC protocol client or server receives an unknown cipher suite from\nthe peer, a NULL dereference occurs.\n\nImpact summary: A NULL pointer dereference leads to abnormal termination of\nthe running process causing Denial of Service.\n\nSome applications call SSL_CIPHER_find() from the client_hello_cb callback\non the cipher ID received from the peer. If this is done with an SSL object\nimplementing the QUIC protocol, NULL pointer dereference will happen if\nthe examined cipher ID is unknown or unsupported.\n\nAs it is not very common to call this function in applications using the QUIC \nprotocol and the worst outcome is Denial of Service, the issue was assessed\nas Low severity.\n\nThe vulnerable code was introduced in the 3.2 version with the addition\nof the QUIC protocol support.\n\nThe FIPS modules in 3.6, 3.5, 3.4 and 3.3 are not affected by this issue,\nas the QUIC implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4 and 3.3 are vulnerable to this issue.\n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15468",
"url": "https://www.suse.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1256831 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256831"
},
{
"category": "external",
"summary": "SUSE Bug 1256880 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-15468"
},
{
"cve": "CVE-2025-9230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9230"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9230",
"url": "https://www.suse.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "SUSE Bug 1250232 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "external",
"summary": "SUSE Bug 1250410 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:23:27Z",
"details": "important"
}
],
"title": "CVE-2025-9230"
}
]
}
SUSE-SU-2026:21544-1
Vulnerability from csaf_suse - Published: 2026-05-05 00:19 - Updated: 2026-05-05 00:19| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3-x86_64-v3-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3-x86_64-v3-livepatches fixes the following issues:\n\nChanges in openssl-3-x86_64-v3-livepatches:\n\n- Add package for libopenssl3-x86-64-v3-3.5.0 (bsc#1259271).\n\nFixed:\n\n- CVE-2025-11187: Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).\n- CVE-2025-15467: Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).\n- CVE-2025-15468: Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).\n- CVE-2025-9230: Fixed Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap (CVE-2025-9230) (bsc#1250410).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-675",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21544-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21544-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621544-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21544-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025974.html"
},
{
"category": "self",
"summary": "SUSE Bug 1250410",
"url": "https://bugzilla.suse.com/1250410"
},
{
"category": "self",
"summary": "SUSE Bug 1256876",
"url": "https://bugzilla.suse.com/1256876"
},
{
"category": "self",
"summary": "SUSE Bug 1256878",
"url": "https://bugzilla.suse.com/1256878"
},
{
"category": "self",
"summary": "SUSE Bug 1256880",
"url": "https://bugzilla.suse.com/1256880"
},
{
"category": "self",
"summary": "SUSE Bug 1259271",
"url": "https://bugzilla.suse.com/1259271"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9230/"
}
],
"title": "Security update for openssl-3-x86_64-v3-livepatches",
"tracking": {
"current_release_date": "2026-05-05T00:19:27Z",
"generator": {
"date": "2026-05-05T00:19:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21544-1",
"initial_release_date": "2026-05-05T00:19:27Z",
"revision_history": [
{
"date": "2026-05-05T00:19:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"product": {
"name": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"product_id": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
},
"product_reference": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
},
"product_reference": "openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11187"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation\nwhich can trigger a stack-based buffer overflow, invalid pointer or NULL\npointer dereference during MAC verification.\n\nImpact summary: The stack buffer overflow or NULL pointer dereference may\ncause a crash leading to Denial of Service for an application that parses\nuntrusted PKCS#12 files. The buffer overflow may also potentially enable\ncode execution depending on platform mitigations.\n\nWhen verifying a PKCS#12 file that uses PBMAC1 for the MAC, the PBKDF2\nsalt and keylength parameters from the file are used without validation.\nIf the value of keylength exceeds the size of the fixed stack buffer used\nfor the derived key (64 bytes), the key derivation will overflow the buffer.\nThe overflow length is attacker-controlled. Also, if the salt parameter is\nnot an OCTET STRING type this can lead to invalid or NULL pointer\ndereference.\n\nExploiting this issue requires a user or application to process\na maliciously crafted PKCS#12 file. It is uncommon to accept untrusted\nPKCS#12 files in applications as they are usually used to store private\nkeys which are trusted by definition. For this reason the issue was assessed\nas Moderate severity.\n\nThe FIPS modules in 3.6, 3.5 and 3.4 are not affected by this issue, as\nPKCS#12 processing is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5 and 3.4 are vulnerable to this issue.\n\nOpenSSL 3.3, 3.0, 1.1.1 and 1.0.2 are not affected by this issue as they do\nnot support PBMAC1 in PKCS#12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11187",
"url": "https://www.suse.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "SUSE Bug 1256829 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256829"
},
{
"category": "external",
"summary": "SUSE Bug 1256878 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T00:19:27Z",
"details": "important"
}
],
"title": "CVE-2025-11187"
},
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "external",
"summary": "SUSE Bug 1256876 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T00:19:27Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15468"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: If an application using the SSL_CIPHER_find() function in\na QUIC protocol client or server receives an unknown cipher suite from\nthe peer, a NULL dereference occurs.\n\nImpact summary: A NULL pointer dereference leads to abnormal termination of\nthe running process causing Denial of Service.\n\nSome applications call SSL_CIPHER_find() from the client_hello_cb callback\non the cipher ID received from the peer. If this is done with an SSL object\nimplementing the QUIC protocol, NULL pointer dereference will happen if\nthe examined cipher ID is unknown or unsupported.\n\nAs it is not very common to call this function in applications using the QUIC \nprotocol and the worst outcome is Denial of Service, the issue was assessed\nas Low severity.\n\nThe vulnerable code was introduced in the 3.2 version with the addition\nof the QUIC protocol support.\n\nThe FIPS modules in 3.6, 3.5, 3.4 and 3.3 are not affected by this issue,\nas the QUIC implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4 and 3.3 are vulnerable to this issue.\n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15468",
"url": "https://www.suse.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1256831 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256831"
},
{
"category": "external",
"summary": "SUSE Bug 1256880 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T00:19:27Z",
"details": "important"
}
],
"title": "CVE-2025-15468"
},
{
"cve": "CVE-2025-9230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9230"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9230",
"url": "https://www.suse.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "SUSE Bug 1250232 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250232"
},
{
"category": "external",
"summary": "SUSE Bug 1250410 for CVE-2025-9230",
"url": "https://bugzilla.suse.com/1250410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-x86_64-v3-livepatches-0.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T00:19:27Z",
"details": "important"
}
],
"title": "CVE-2025-9230"
}
]
}
VDE-2026-064
Vulnerability from csaf_mettlertoledogmbh - Published: 2026-06-09 10:00 - Updated: 2026-06-09 10:00.NET Framework, and Visual Studio Denial of Service Vulnerability
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
.NET Core Remote Code Execution Vulnerability
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Azure Identity SDK Remote Code Execution Vulnerability
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.
CWE-190 - Integer Overflow or Wraparound| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This vulnerability is fixed in 7.18.0 and 6.23.0
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows systems. The optional `drive` parameter is directly concatenated into a PowerShell command without sanitization, allowing arbitrary command execution when user-controlled input reaches this function. The actual exploitability depends on how applications use this function. If an application does not pass user-controlled input to `fsSize()`, it is not vulnerable. Version 5.27.14 contains a patch.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284). ### Details When the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `['a', 'b', 'c']`). However, the limit check for `arrayLimit` (default: 20) and the optional throwOnLimitExceeded occur after the comma-handling logic in `parseArrayValue`, enabling a bypass
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.3.22
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*
|
21.3.22 |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
LabX Standard 21.4.23
METTLER TOLEDO / Software / LabX Standard
|
cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*
|
21.4.23 |
None Available
|
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been discovered in LabX Standard v21.3.22. Most of the vulnerabilities are fixed in LabX Standard v21.4.23. The Vulnerabilities CVE-2025-69419, CVE-2026-0915, CVE-2025-15467 and CVE-2025-58187 are not yet fixed. The fix will be available in the upcoming releases.\n\nNotice: LabX Standard was formerly known as LabX Cloud Local.",
"title": "Summary"
},
{
"category": "description",
"text": "The identified vulnerabilities may expose the system to risks such as denial\u2011of\u2011service attacks, authentication bypass, authorization weaknesses, and potential remote code execution.",
"title": "Impact"
},
{
"category": "description",
"text": "For Vulnerabilities CVE-2023-29331, CVE-2024-0056, CVE-2021-24112, CVE-2023-36414, CVE-2024-43483, CVE-2026-24737, CVE-2025-46817, CVE-2026-22036, CVE-2025-68154, CVE-2026-2391, CVE-2026-26130, CVE-2026-26127, CVE-2026-21218, CVE-2025-68121, CVE-2025-15281, CVE-2018-15727, CVE-2025-9230 update all LabX Standard installations to 21.4.23 to address and resolve the vulnerabilities.",
"title": "Remediation"
},
{
"category": "legal_disclaimer",
"text": "Your use of the information on this document or materials linked from this document is at your own risk. METTLER TOLEDO makes reasonable efforts to ensure the accuracy of the information but does not grant any warranty, express or implied, including warranties of merchantability or fitness for a particular purpose. To the extent permitted by applicable law, METTLER TOLEDO excludes liability for any loss, claim, expense or damage arising from or related to the statements in this document. METTLER TOLEDO reserves the right to change or update this document at any time.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@mt.com",
"name": "Mettler-Toledo GmbH",
"namespace": "https://www.mt.com"
},
"references": [
{
"category": "external",
"summary": "Product security website of METTLER TOLEDO",
"url": "https://www.mt.com/ph/en/home/site_content/product-security.html"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for METTLER TOLEDO",
"url": "https://certvde.com/en/advisories/vendor/mettler-toledo/"
},
{
"category": "self",
"summary": "VDE-2026-064: METTLER TOLEDO: LabX Standard Report on External Component Analysis - v21.3 - HTML",
"url": "https://certvde.com/en/advisories/VDE-2026-064/"
},
{
"category": "self",
"summary": "VDE-2026-064: METTLER TOLEDO: LabX Standard Report on External Component Analysis - v21.3 - CSAF",
"url": "https://mettler-toledo.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-064.json"
}
],
"title": "METTLER TOLEDO: LabX Standard Report on External Component Analysis - v21.3",
"tracking": {
"aliases": [
"VDE-2026-064"
],
"current_release_date": "2026-06-09T10:00:00.000Z",
"generator": {
"date": "2026-06-08T11:42:39.202Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.44"
}
},
"id": "VDE-2026-064",
"initial_release_date": "2026-06-09T10:00:00.000Z",
"revision_history": [
{
"date": "2026-06-09T10:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "21.3.22",
"product": {
"name": "LabX Standard 21.3.22",
"product_id": "CSAFPID-51000",
"product_identification_helper": {
"cpe": "cpe:2.3:a:mettler_toledo:labx_standard:21.3.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "21.4.23",
"product": {
"name": "LabX Standard 21.4.23",
"product_id": "CSAFPID-52002",
"product_identification_helper": {
"cpe": "cpe:2.3:a:mettler_toledo:labx_standard:21.4.23:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "LabX Standard"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "METTLER TOLEDO"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29331",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": ".NET Framework, and Visual Studio Denial of Service Vulnerability",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability"
},
{
"cve": "CVE-2024-0056",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "description",
"text": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.7,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 8.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability"
},
{
"cve": "CVE-2021-24112",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": ".NET Core Remote Code Execution Vulnerability",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": ".NET Core Remote Code Execution Vulnerability"
},
{
"cve": "CVE-2023-36414",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "Azure Identity SDK Remote Code Execution Vulnerability",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Azure Identity SDK Remote Code Execution Vulnerability"
},
{
"cve": "CVE-2024-43483",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability"
},
{
"cve": "CVE-2026-24737",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "description",
"text": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "jsPDF has a PDF Injection in AcroFormChoiceField which allows Arbitrary JavaScript Execution"
},
{
"cve": "CVE-2025-46817",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Lua library commands may lead to integer overflow and potential RCE"
},
{
"cve": "CVE-2026-22036",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This vulnerability is fixed in 7.18.0 and 6.23.0",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": " Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion"
},
{
"cve": "CVE-2025-68154",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows systems. The optional `drive` parameter is directly concatenated into a PowerShell command without sanitization, allowing arbitrary command execution when user-controlled input reaches this function. The actual exploitability depends on how applications use this function. If an application does not pass user-controlled input to `fsSize()`, it is not vulnerable. Version 5.27.14 contains a patch.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Command Injection in fsSize() on Windows"
},
{
"cve": "CVE-2026-2391",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284). ### Details When the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `[\u0027a\u0027, \u0027b\u0027, \u0027c\u0027]`). However, the limit check for `arrayLimit` (default: 20) and the optional throwOnLimitExceeded occur after the comma-handling logic in `parseArrayValue`, enabling a bypass",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "qs\u0027s arrayLimit bypass in comma parsing allows denial of service"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-52002"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "none_available",
"details": "This vulnerability will be fixed in the upcoming releases",
"product_ids": [
"CSAFPID-52002"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-52002"
]
}
],
"title": "Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion"
},
{
"cve": "CVE-2026-0915",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library\u0027s DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-52002"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "none_available",
"details": "This vulnerability will be fixed in the upcoming releases",
"product_ids": [
"CSAFPID-52002"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-52002"
]
}
],
"title": "getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler"
},
{
"cve": "CVE-2026-26130",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "ASP.NET Core Denial of Service Vulnerability"
},
{
"cve": "CVE-2026-26127",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": ".NET Denial of Service Vulnerability"
},
{
"cve": "CVE-2026-21218",
"cwe": {
"id": "CWE-166",
"name": "Improper Handling of Missing Special Element"
},
"notes": [
{
"category": "description",
"text": "Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": ".NET Spoofing Vulnerability"
},
{
"cve": "CVE-2025-68121",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "description",
"text": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 10,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 10,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Unexpected session resumption in crypto/tls"
},
{
"cve": "CVE-2025-15281",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory"
},
{
"cve": "CVE-2018-15727",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid \"remember me\" cookie knowing only a username of an LDAP or OAuth user.",
"title": "CVE Decription"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid \"remember me\" cookie knowing only a username of an LDAP or OAuth user."
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-52002"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "none_available",
"details": "This vulnerability will be fixed in the upcoming releases",
"product_ids": [
"CSAFPID-52002"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-52002"
]
}
],
"title": "Stack buffer overflow in CMS (Auth)EnvelopedData parsing"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52002"
],
"known_affected": [
"CSAFPID-51000"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to LabX Standard v21.4.23",
"product_ids": [
"CSAFPID-51000"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51000"
]
}
],
"title": "Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-58187",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains",
"title": "CVE description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-52002"
],
"recommended": [
"CSAFPID-52002"
]
},
"remediations": [
{
"category": "none_available",
"details": "This vulnerability will be fixed in the upcoming releases",
"product_ids": [
"CSAFPID-52002"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-52002"
]
}
],
"title": "Quadratic complexity when checking name constraints in crypto/x509"
}
]
}
WID-SEC-W-2025-2166
Vulnerability from csaf_certbund - Published: 2025-09-30 22:00 - Updated: 2026-05-19 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Splunk Splunk Enterprise <9.4.8
Splunk / Splunk Enterprise
|
<9.4.8 | ||
|
IBM MQ Operator
IBM / MQ
|
cpe:/a:ibm:mq:operator
|
Operator | |
|
Splunk Splunk Enterprise Universal Forwarder
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:universal_forwarder
|
Universal Forwarder | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
Open Source OpenSSL <3.0.18
Open Source / OpenSSL
|
<3.0.18 | ||
|
Open Source OpenSSL <1.1.1zd
Open Source / OpenSSL
|
<1.1.1zd | ||
|
Open Source OpenSSL <3.3.5
Open Source / OpenSSL
|
<3.3.5 | ||
|
Open Source OpenSSL <3.2.6
Open Source / OpenSSL
|
<3.2.6 | ||
|
SolarWinds Platform <2026.1
SolarWinds / Platform
|
<2026.1 | ||
|
Open Source OpenSSL <1.0.2zm
Open Source / OpenSSL
|
<1.0.2zm | ||
|
Open Source LibreSSL <4.0.1
Open Source / LibreSSL
|
<4.0.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source OpenSSL <3.5.4
Open Source / OpenSSL
|
<3.5.4 | ||
|
Open Source OpenSSL <3.4.3
Open Source / OpenSSL
|
<3.4.3 | ||
|
IBM TXSeries for multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms
|
for multiplatforms | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
IBM Power Hardware Management Console
IBM
|
cpe:/a:ibm:hardware_management_console:-
|
— | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)
Xerox / FreeFlow Print Server
|
<9.0 SP-3 (93.M3.14.86) | ||
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
Red Hat OpenShift Container Platform <4.14.62
Red Hat / OpenShift
|
Container Platform <4.14.62 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Splunk Splunk Enterprise <9.2.12
Splunk / Splunk Enterprise
|
<9.2.12 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Splunk Splunk Enterprise <9.3.9
Splunk / Splunk Enterprise
|
<9.3.9 | ||
|
Meinberg LANTIME <7.10.004
Meinberg / LANTIME
|
<7.10.004 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IGEL OS <11.11.100
IGEL / OS
|
<11.11.100 | ||
|
Splunk Splunk Enterprise <10.0.3
Splunk / Splunk Enterprise
|
<10.0.3 | ||
|
Splunk Splunk Enterprise <10.2.0
Splunk / Splunk Enterprise
|
<10.2.0 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source LibreSSL <4.1.1
Open Source / LibreSSL
|
<4.1.1 | ||
|
IGEL OS <12.7.4
IGEL / OS
|
<12.7.4 | ||
|
IBM MQ Container
IBM / MQ
|
cpe:/a:ibm:mq:container
|
Container | |
|
IBM DevOps Code ClearCase <11.0.0.05
IBM / DevOps Code ClearCase
|
<11.0.0.05 | ||
|
IBM DevOps Code ClearCase <10.0.1.05
IBM / DevOps Code ClearCase
|
<10.0.1.05 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 | ||
|
IBM DevOps Code ClearCase <9.1.0.10
IBM / DevOps Code ClearCase
|
<9.1.0.10 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Splunk Splunk Enterprise <9.4.8
Splunk / Splunk Enterprise
|
<9.4.8 | ||
|
IBM MQ Operator
IBM / MQ
|
cpe:/a:ibm:mq:operator
|
Operator | |
|
Splunk Splunk Enterprise Universal Forwarder
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:universal_forwarder
|
Universal Forwarder | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
Open Source OpenSSL <3.3.5
Open Source / OpenSSL
|
<3.3.5 | ||
|
Open Source OpenSSL <3.2.6
Open Source / OpenSSL
|
<3.2.6 | ||
|
SolarWinds Platform <2026.1
SolarWinds / Platform
|
<2026.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source OpenSSL <3.5.4
Open Source / OpenSSL
|
<3.5.4 | ||
|
Open Source OpenSSL <3.4.3
Open Source / OpenSSL
|
<3.4.3 | ||
|
IBM TXSeries for multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms
|
for multiplatforms | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
IBM Power Hardware Management Console
IBM
|
cpe:/a:ibm:hardware_management_console:-
|
— | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)
Xerox / FreeFlow Print Server
|
<9.0 SP-3 (93.M3.14.86) | ||
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
Red Hat OpenShift Container Platform <4.14.62
Red Hat / OpenShift
|
Container Platform <4.14.62 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Splunk Splunk Enterprise <9.2.12
Splunk / Splunk Enterprise
|
<9.2.12 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Splunk Splunk Enterprise <9.3.9
Splunk / Splunk Enterprise
|
<9.3.9 | ||
|
Meinberg LANTIME <7.10.004
Meinberg / LANTIME
|
<7.10.004 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IGEL OS <11.11.100
IGEL / OS
|
<11.11.100 | ||
|
Splunk Splunk Enterprise <10.0.3
Splunk / Splunk Enterprise
|
<10.0.3 | ||
|
Splunk Splunk Enterprise <10.2.0
Splunk / Splunk Enterprise
|
<10.2.0 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IGEL OS <12.7.4
IGEL / OS
|
<12.7.4 | ||
|
IBM MQ Container
IBM / MQ
|
cpe:/a:ibm:mq:container
|
Container | |
|
IBM DevOps Code ClearCase <11.0.0.05
IBM / DevOps Code ClearCase
|
<11.0.0.05 | ||
|
IBM DevOps Code ClearCase <10.0.1.05
IBM / DevOps Code ClearCase
|
<10.0.1.05 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 | ||
|
IBM DevOps Code ClearCase <9.1.0.10
IBM / DevOps Code ClearCase
|
<9.1.0.10 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Splunk Splunk Enterprise <9.4.8
Splunk / Splunk Enterprise
|
<9.4.8 | ||
|
IBM MQ Operator
IBM / MQ
|
cpe:/a:ibm:mq:operator
|
Operator | |
|
Splunk Splunk Enterprise Universal Forwarder
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:universal_forwarder
|
Universal Forwarder | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
Open Source OpenSSL <3.0.18
Open Source / OpenSSL
|
<3.0.18 | ||
|
Open Source OpenSSL <3.3.5
Open Source / OpenSSL
|
<3.3.5 | ||
|
Open Source OpenSSL <3.2.6
Open Source / OpenSSL
|
<3.2.6 | ||
|
SolarWinds Platform <2026.1
SolarWinds / Platform
|
<2026.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source OpenSSL <3.5.4
Open Source / OpenSSL
|
<3.5.4 | ||
|
Open Source OpenSSL <3.4.3
Open Source / OpenSSL
|
<3.4.3 | ||
|
IBM TXSeries for multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms
|
for multiplatforms | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
IBM Power Hardware Management Console
IBM
|
cpe:/a:ibm:hardware_management_console:-
|
— | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)
Xerox / FreeFlow Print Server
|
<9.0 SP-3 (93.M3.14.86) | ||
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
Red Hat OpenShift Container Platform <4.14.62
Red Hat / OpenShift
|
Container Platform <4.14.62 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Splunk Splunk Enterprise <9.2.12
Splunk / Splunk Enterprise
|
<9.2.12 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Splunk Splunk Enterprise <9.3.9
Splunk / Splunk Enterprise
|
<9.3.9 | ||
|
Meinberg LANTIME <7.10.004
Meinberg / LANTIME
|
<7.10.004 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IGEL OS <11.11.100
IGEL / OS
|
<11.11.100 | ||
|
Splunk Splunk Enterprise <10.0.3
Splunk / Splunk Enterprise
|
<10.0.3 | ||
|
Splunk Splunk Enterprise <10.2.0
Splunk / Splunk Enterprise
|
<10.2.0 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IGEL OS <12.7.4
IGEL / OS
|
<12.7.4 | ||
|
IBM MQ Container
IBM / MQ
|
cpe:/a:ibm:mq:container
|
Container | |
|
IBM DevOps Code ClearCase <11.0.0.05
IBM / DevOps Code ClearCase
|
<11.0.0.05 | ||
|
IBM DevOps Code ClearCase <10.0.1.05
IBM / DevOps Code ClearCase
|
<10.0.1.05 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 | ||
|
IBM DevOps Code ClearCase <9.1.0.10
IBM / DevOps Code ClearCase
|
<9.1.0.10 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.\r\nLibreSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL und LibreSSL ausnutzen, um potentiell beliebigen Code auszuf\u00fchren, einen Denial of Service-Zustand zu verursachen und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2166 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2166.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2166 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2166"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23449 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23209 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23202 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23204 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23205 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "external",
"summary": "OpenSSL Vulnerabilities vom 2025-09-30",
"url": "https://openssl-library.org/news/vulnerabilities/"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2025-09-30",
"url": "https://openssl-library.org/news/secadv/20250930.txt"
},
{
"category": "external",
"summary": "LibreSSL 4.0.1 Release Notes vom 2025-09-30",
"url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-4.0.1-relnotes.txt"
},
{
"category": "external",
"summary": "LibreSSL 4.1.1 Release Notes vom 2025-09-30",
"url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-4.1.1-relnotes.txt"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03443-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022748.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03442-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022749.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03441-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022750.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03440-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022751.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03439-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022752.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03438-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022753.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03437-1 vom 2025-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022755.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7786-1 vom 2025-09-30",
"url": "https://ubuntu.com/security/notices/USN-7786-1"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-25:08.OPENSSL vom 2025-09-30",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-25:08.openssl.asc"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6015 vom 2025-10-01",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00181.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4321 vom 2025-10-03",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-E6F76D56FC vom 2025-10-06",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-e6f76d56fc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03464-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022766.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03463-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022767.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03522-1 vom 2025-10-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HO37ZJ4KSDOK52BA22GLEUYWEU52C22X/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03523-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022811.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03586-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W7KVSY3I4TH7CCDGE47EBT7FT7ZHC4V5/"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2025-43 vom 2025-10-13",
"url": "https://kb.igel.com/en/security-safety/current/isn-2025-43-openssl-vulnerability"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3022 vom 2025-10-15",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3022.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3034 vom 2025-10-15",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3034.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3033 vom 2025-10-15",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3033.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2OPENSSL-SNAPSAFE-2025-008 vom 2025-10-14",
"url": "https://alas.aws.amazon.com/AL2/ALAS2OPENSSL-SNAPSAFE-2025-008.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03632-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V6Z2I7RMKLOGDSLKDAHHV7HBNFSLSMGJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03635-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022924.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03630-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022921.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-4D34C066A1 vom 2025-10-20",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-4d34c066a1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3758-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FNZ57TWUAFLSYOWFLCQJ4G3DJKUC7N6D/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20867-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023063.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20896-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023118.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20910-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023105.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3917-1 vom 2025-11-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023142.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-390 vom 2025-11-05",
"url": "https://www.dell.com/support/kbdoc/000385230"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21174 vom 2025-11-13",
"url": "https://access.redhat.com/errata/RHSA-2025:21174"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21248 vom 2025-11-13",
"url": "https://access.redhat.com/errata/RHSA-2025:21248"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21255 vom 2025-11-13",
"url": "https://access.redhat.com/errata/RHSA-2025:21255"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21562 vom 2025-11-17",
"url": "https://access.redhat.com/errata/RHSA-2025:21562"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4126-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023297.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250234 vom 2025-11-19",
"url": "https://www.ibm.com/support/pages/node/7250234"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21994 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21994"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21248 vom 2025-11-25",
"url": "https://errata.build.resf.org/RLSA-2025:21248"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28011 vom 2025-11-26",
"url": "https://linux.oracle.com/errata/ELSA-2025-28011.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21255 vom 2025-11-26",
"url": "http://linux.oracle.com/errata/ELSA-2025-21255.html"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2025.06 vom 2025-11-27",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2025-06-lantime-firmware-v7-10-004.htm"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22428 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22428"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28020 vom 2025-12-01",
"url": "https://linux.oracle.com/errata/ELSA-2025-28020.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22529 vom 2025-12-02",
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2025-8E15323AF1 vom 2025-12-03",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-8e15323af1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21248 vom 2025-12-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-21248.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22794 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22868 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22868"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28041 vom 2025-12-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-28041.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254361 vom 2025-12-11",
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory45.asc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23079 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23078 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23080 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254313 vom 2025-12-10",
"url": "https://www.ibm.com/support/pages/node/7254313"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:20164-1 vom 2025-12-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FI7WKQF75XQ7WHDVEL25P4FK5MLALDSJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21213-1 vom 2025-12-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023595.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21224-1 vom 2025-12-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023587.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255930 vom 2025-12-29",
"url": "https://www.ibm.com/support/pages/node/7255930"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3104 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3104.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0337 vom 2026-01-08",
"url": "https://access.redhat.com/errata/RHSA-2026:0337"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0337 vom 2026-01-09",
"url": "https://linux.oracle.com/errata/ELSA-2026-0337.html"
},
{
"category": "external",
"summary": "Progress Knowledge Base vom 2026-01-08",
"url": "https://community.progress.com/s/article/Is-WS-FTP-Server-version-2025-vulnerable-to-CVE-2025-9232"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0337 vom 2026-01-14",
"url": "https://errata.build.resf.org/RLSA-2026:0337"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0420 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0420"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0602 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0602"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50008 vom 2026-01-15",
"url": "https://linux.oracle.com/errata/ELSA-2026-50008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0714 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0714"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0332 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0332"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0794 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0887 vom 2026-01-20",
"url": "https://access.redhat.com/errata/RHSA-2026:0887"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0950 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0950"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0702 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0702"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0674 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0674"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1349 vom 2026-01-27",
"url": "https://access.redhat.com/errata/RHSA-2026:1349"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1475 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1475"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1652 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50080 vom 2026-01-30",
"url": "https://linux.oracle.com/errata/ELSA-2026-50080.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50081 vom 2026-01-30",
"url": "https://linux.oracle.com/errata/ELSA-2026-50081.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1720 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1720"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50077 vom 2026-02-02",
"url": "https://linux.oracle.com/errata/ELSA-2026-50077.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K000159887 vom 2026-02-06",
"url": "https://my.f5.com/manage/s/article/K000159887"
},
{
"category": "external",
"summary": "SolarWinds Platform 2026.1 release notes vom 2026-02-10",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2026-1_release_notes.htm"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1720 vom 2026-02-13",
"url": "https://linux.oracle.com/errata/ELSA-2026-1720.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2776 vom 2026-02-17",
"url": "https://access.redhat.com/errata/RHSA-2026:2776"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2771 vom 2026-02-17",
"url": "https://access.redhat.com/errata/RHSA-2026:2771"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20418-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024331.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2776 vom 2026-02-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-2776.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50114 vom 2026-02-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-50114.html"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2026-0210 vom 2026-02-18",
"url": "https://advisory.splunk.com//advisories/SVD-2026-0210"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2026-0211 vom 2026-02-18",
"url": "https://advisory.splunk.com//advisories/SVD-2026-0211"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2994 vom 2026-02-23",
"url": "https://access.redhat.com/errata/RHSA-2026:2994"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2995 vom 2026-02-23",
"url": "https://access.redhat.com/errata/RHSA-2026:2995"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3042 vom 2026-02-24",
"url": "https://linux.oracle.com/errata/ELSA-2026-3042.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3164 vom 2026-02-24",
"url": "https://access.redhat.com/errata/RHSA-2026:3164"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:2776 vom 2026-02-24",
"url": "https://errata.build.resf.org/RLSA-2026:2776"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10237-1 vom 2026-02-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4WRV4ISEUKTVWATBUIO2SUY7JFPFBQ7F/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2974 vom 2026-02-26",
"url": "https://access.redhat.com/errata/RHSA-2026:2974"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50131 vom 2026-02-27",
"url": "https://linux.oracle.com/errata/ELSA-2026-50131.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3462 vom 2026-02-27",
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3461 vom 2026-02-27",
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3415 vom 2026-03-05",
"url": "https://access.redhat.com/errata/RHSA-2026:3415"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20542-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024594.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20607-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024609.html"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX26-009",
"url": "https://security.business.xerox.com/wp-content/uploads/2026/03/Xerox-Security-Bulletin-XRX26-009-for-Xerox-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3861 vom 2026-03-12",
"url": "https://access.redhat.com/errata/RHSA-2026:3861"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268146 vom 2026-03-31",
"url": "https://www.ibm.com/support/pages/node/7268146"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7270407 vom 2026-04-22",
"url": "https://www.ibm.com/support/pages/node/7270407"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21544-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025974.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:18320 vom 2026-05-19",
"url": "https://access.redhat.com/errata/RHSA-2026:18320"
}
],
"source_lang": "en-US",
"title": "OpenSSL und LibreSSL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-19T22:00:00.000+00:00",
"generator": {
"date": "2026-05-20T08:32:09.912+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-2166",
"initial_release_date": "2025-09-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IGEL aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2025-12-01T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Fedora und Oracle Linux aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-12-18T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-22T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-12-29T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-01-08T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat aufgenommen; Progress WS_FTP nicht betroffen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-15T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-02-08T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Red Hat, SUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2026-02-23T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und openSUSE aufgenommen"
},
{
"date": "2026-02-26T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "65"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Appliance \u003c5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance \u003c5.32.00.18",
"product_id": "T048301"
}
},
{
"category": "product_version",
"name": "Appliance 5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance 5.32.00.18",
"product_id": "T048301-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:appliance__5.32.00.18"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T042765",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.0.10",
"product": {
"name": "IBM DevOps Code ClearCase \u003c9.1.0.10",
"product_id": "T048741"
}
},
{
"category": "product_version",
"name": "9.1.0.10",
"product": {
"name": "IBM DevOps Code ClearCase 9.1.0.10",
"product_id": "T048741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:devops_code_clearcase:9.1.0.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.05",
"product": {
"name": "IBM DevOps Code ClearCase \u003c10.0.1.05",
"product_id": "T048742"
}
},
{
"category": "product_version",
"name": "10.0.1.05",
"product": {
"name": "IBM DevOps Code ClearCase 10.0.1.05",
"product_id": "T048742-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:devops_code_clearcase:10.0.1.05"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.0.05",
"product": {
"name": "IBM DevOps Code ClearCase \u003c11.0.0.05",
"product_id": "T048743"
}
},
{
"category": "product_version",
"name": "11.0.0.05",
"product": {
"name": "IBM DevOps Code ClearCase 11.0.0.05",
"product_id": "T048743-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:devops_code_clearcase:11.0.0.05"
}
}
}
],
"category": "product_name",
"name": "DevOps Code ClearCase"
},
{
"branches": [
{
"category": "product_version",
"name": "Operator",
"product": {
"name": "IBM MQ Operator",
"product_id": "T036688",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator"
}
}
},
{
"category": "product_version",
"name": "Container",
"product": {
"name": "IBM MQ Container",
"product_id": "T040640",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:container"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"category": "product_name",
"name": "IBM Power Hardware Management Console",
"product": {
"name": "IBM Power Hardware Management Console",
"product_id": "5114",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "for multiplatforms",
"product": {
"name": "IBM TXSeries for multiplatforms",
"product_id": "T036617",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM VIOS 4.1",
"product_id": "1522854",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:4.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.11.100",
"product": {
"name": "IGEL OS \u003c11.11.100",
"product_id": "T043218"
}
},
{
"category": "product_version",
"name": "11.11.100",
"product": {
"name": "IGEL OS 11.11.100",
"product_id": "T043218-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:11.11.100"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.7.4",
"product": {
"name": "IGEL OS \u003c12.7.4",
"product_id": "T047577"
}
},
{
"category": "product_version",
"name": "12.7.4",
"product": {
"name": "IGEL OS 12.7.4",
"product_id": "T047577-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:12.7.4"
}
}
}
],
"category": "product_name",
"name": "OS"
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.10.004",
"product": {
"name": "Meinberg LANTIME \u003c7.10.004",
"product_id": "T048945"
}
},
{
"category": "product_version",
"name": "7.10.004",
"product": {
"name": "Meinberg LANTIME 7.10.004",
"product_id": "T048945-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.10.004"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.0.1",
"product": {
"name": "Open Source LibreSSL \u003c4.0.1",
"product_id": "T047309"
}
},
{
"category": "product_version",
"name": "4.0.1",
"product": {
"name": "Open Source LibreSSL 4.0.1",
"product_id": "T047309-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:libressl:4.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.1.1",
"product": {
"name": "Open Source LibreSSL \u003c4.1.1",
"product_id": "T047310"
}
},
{
"category": "product_version",
"name": "4.1.1",
"product": {
"name": "Open Source LibreSSL 4.1.1",
"product_id": "T047310-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:libressl:4.1.1"
}
}
}
],
"category": "product_name",
"name": "LibreSSL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.5.4",
"product": {
"name": "Open Source OpenSSL \u003c3.5.4",
"product_id": "T047302"
}
},
{
"category": "product_version",
"name": "3.5.4",
"product": {
"name": "Open Source OpenSSL 3.5.4",
"product_id": "T047302-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.5.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.4.3",
"product": {
"name": "Open Source OpenSSL \u003c3.4.3",
"product_id": "T047303"
}
},
{
"category": "product_version",
"name": "3.4.3",
"product": {
"name": "Open Source OpenSSL 3.4.3",
"product_id": "T047303-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.4.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.3.5",
"product": {
"name": "Open Source OpenSSL \u003c3.3.5",
"product_id": "T047304"
}
},
{
"category": "product_version",
"name": "3.3.5",
"product": {
"name": "Open Source OpenSSL 3.3.5",
"product_id": "T047304-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.3.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.2.6",
"product": {
"name": "Open Source OpenSSL \u003c3.2.6",
"product_id": "T047305"
}
},
{
"category": "product_version",
"name": "3.2.6",
"product": {
"name": "Open Source OpenSSL 3.2.6",
"product_id": "T047305-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.2.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.0.18",
"product": {
"name": "Open Source OpenSSL \u003c3.0.18",
"product_id": "T047306"
}
},
{
"category": "product_version",
"name": "3.0.18",
"product": {
"name": "Open Source OpenSSL 3.0.18",
"product_id": "T047306-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.0.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.1.1zd",
"product": {
"name": "Open Source OpenSSL \u003c1.1.1zd",
"product_id": "T047307"
}
},
{
"category": "product_version",
"name": "1.1.1zd",
"product": {
"name": "Open Source OpenSSL 1.1.1zd",
"product_id": "T047307-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.1zd"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.2zm",
"product": {
"name": "Open Source OpenSSL \u003c1.0.2zm",
"product_id": "T047308"
}
},
{
"category": "product_version",
"name": "1.0.2zm",
"product": {
"name": "Open Source OpenSSL 1.0.2zm",
"product_id": "T047308-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.2zm"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.62",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.62",
"product_id": "T051279"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.62",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.62",
"product_id": "T051279-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.62"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2026.1",
"product": {
"name": "SolarWinds Platform \u003c2026.1",
"product_id": "T050624"
}
},
{
"category": "product_version",
"name": "2026.1",
"product": {
"name": "SolarWinds Platform 2026.1",
"product_id": "T050624-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:orion_platform:2026.1"
}
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.0",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.2.0",
"product_id": "T050416"
}
},
{
"category": "product_version",
"name": "10.2.0",
"product": {
"name": "Splunk Splunk Enterprise 10.2.0",
"product_id": "T050416-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.2.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.0.3",
"product_id": "T050417"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "Splunk Splunk Enterprise 10.0.3",
"product_id": "T050417-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.9",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.9",
"product_id": "T050419"
}
},
{
"category": "product_version",
"name": "9.3.9",
"product": {
"name": "Splunk Splunk Enterprise 9.3.9",
"product_id": "T050419-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.12",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.12",
"product_id": "T050420"
}
},
{
"category": "product_version",
"name": "9.2.12",
"product": {
"name": "Splunk Splunk Enterprise 9.2.12",
"product_id": "T050420-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.12"
}
}
},
{
"category": "product_version",
"name": "Universal Forwarder",
"product": {
"name": "Splunk Splunk Enterprise Universal Forwarder",
"product_id": "T050995",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:universal_forwarder"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.8",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.8",
"product_id": "T050996"
}
},
{
"category": "product_version",
"name": "9.4.8",
"product": {
"name": "Splunk Splunk Enterprise 9.4.8",
"product_id": "T050996-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.8"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.0 SP-3 (93.M3.14.86)",
"product": {
"name": "Xerox FreeFlow Print Server \u003c9.0 SP-3 (93.M3.14.86)",
"product_id": "T051478"
}
},
{
"category": "product_version",
"name": "9.0 SP-3 (93.M3.14.86)",
"product": {
"name": "Xerox FreeFlow Print Server 9.0 SP-3 (93.M3.14.86)",
"product_id": "T051478-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9.0_sp-3_%2893.m3.14.86%29"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"product_status": {
"known_affected": [
"67646",
"4035",
"T050996",
"T036688",
"T050995",
"T004914",
"1139691",
"T047306",
"T047307",
"T047304",
"T047305",
"T050624",
"T047308",
"T047309",
"398363",
"T047302",
"T047303",
"T036617",
"434967",
"5114",
"1039165",
"T051478",
"1522854",
"T051279",
"T032255",
"74185",
"T050420",
"T032495",
"T050419",
"T048945",
"2951",
"T002207",
"T042765",
"T000126",
"T043218",
"T050417",
"T050416",
"T027843",
"T047310",
"T047577",
"T040640",
"T048743",
"T048742",
"T048301",
"T048741"
]
},
"release_date": "2025-09-30T22:00:00.000+00:00",
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-9231",
"product_status": {
"known_affected": [
"67646",
"4035",
"T050996",
"T036688",
"T050995",
"T004914",
"1139691",
"T047304",
"T047305",
"T050624",
"398363",
"T047302",
"T047303",
"T036617",
"434967",
"5114",
"1039165",
"T051478",
"1522854",
"T051279",
"T032255",
"74185",
"T050420",
"T032495",
"T050419",
"T048945",
"2951",
"T002207",
"T042765",
"T000126",
"T043218",
"T050417",
"T050416",
"T027843",
"T047577",
"T040640",
"T048743",
"T048742",
"T048301",
"T048741"
]
},
"release_date": "2025-09-30T22:00:00.000+00:00",
"title": "CVE-2025-9231"
},
{
"cve": "CVE-2025-9232",
"product_status": {
"known_affected": [
"67646",
"4035",
"T050996",
"T036688",
"T050995",
"T004914",
"1139691",
"T047306",
"T047304",
"T047305",
"T050624",
"398363",
"T047302",
"T047303",
"T036617",
"434967",
"5114",
"1039165",
"T051478",
"1522854",
"T051279",
"T032255",
"74185",
"T050420",
"T032495",
"T050419",
"T048945",
"2951",
"T002207",
"T042765",
"T000126",
"T043218",
"T050417",
"T050416",
"T027843",
"T047577",
"T040640",
"T048743",
"T048742",
"T048301",
"T048741"
]
},
"release_date": "2025-09-30T22:00:00.000+00:00",
"title": "CVE-2025-9232"
}
]
}
WID-SEC-W-2026-0163
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.1.3.2
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.2
|
8.1.3.2 | |
|
Oracle Financial Services Applications 14.5.0.14.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.14.0
|
14.5.0.14.0 | |
|
Oracle Financial Services Applications 14.6.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.0.0
|
14.6.0.0.0 | |
|
Oracle Financial Services Applications 14.5.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.0.0
|
14.5.0.0.0 | |
|
Oracle Financial Services Applications 2.6.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.6.0
|
2.6.0 | |
|
Oracle Financial Services Applications 14.7.0.9.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.9.0
|
14.7.0.9.0 | |
|
Oracle Financial Services Applications 14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.0.0
|
14.7.0.0.0 | |
|
Oracle Financial Services Applications 14.6.0.11.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.6.0.11.0
|
14.6.0.11.0 | |
|
Oracle Financial Services Applications 14.7.0.8.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.0.8.0
|
14.7.0.8.0 | |
|
Oracle Financial Services Applications 14.8.0.1.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.0.1.0
|
14.8.0.1.0 | |
|
Oracle Financial Services Applications 14.5.0.15.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.5.0.15.0
|
14.5.0.15.0 | |
|
Oracle Financial Services Applications 14.8.1.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.8.1.0.0
|
14.8.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications <=12.0.6
Oracle / Financial Services Applications
|
<=12.0.6 | ||
|
Oracle Financial Services Applications <=14.8.0.0.0
Oracle / Financial Services Applications
|
<=14.8.0.0.0 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0163 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0163.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0163 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0163"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Financial Services Applications vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T08:54:09.582+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0163",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.0.0",
"product_id": "T028702",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.5.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.0.0",
"product_id": "T034160",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.6.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.6.0.0.0",
"product_id": "T034161",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=14.8.0.0.0",
"product": {
"name": "Oracle Financial Services Applications \u003c=14.8.0.0.0",
"product_id": "T047909"
}
},
{
"category": "product_version_range",
"name": "\u003c=14.8.0.0.0",
"product": {
"name": "Oracle Financial Services Applications \u003c=14.8.0.0.0",
"product_id": "T047909-fixed"
}
},
{
"category": "product_version",
"name": "8.1.3.2",
"product": {
"name": "Oracle Financial Services Applications 8.1.3.2",
"product_id": "T047911",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.3.2"
}
}
},
{
"category": "product_version",
"name": "14.8.1.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.8.1.0.0",
"product_id": "T050133",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.8.1.0.0"
}
}
},
{
"category": "product_version",
"name": "14.5.0.15.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.15.0",
"product_id": "T050134",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.15.0"
}
}
},
{
"category": "product_version",
"name": "14.6.0.11.0",
"product": {
"name": "Oracle Financial Services Applications 14.6.0.11.0",
"product_id": "T050135",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.11.0"
}
}
},
{
"category": "product_version",
"name": "14.7.0.9.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.9.0",
"product_id": "T050136",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.9.0"
}
}
},
{
"category": "product_version",
"name": "14.8.0.1.0",
"product": {
"name": "Oracle Financial Services Applications 14.8.0.1.0",
"product_id": "T050137",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.8.0.1.0"
}
}
},
{
"category": "product_version",
"name": "14.7.0.8.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.0.8.0",
"product_id": "T050138",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.8.0"
}
}
},
{
"category": "product_version",
"name": "2.6.0",
"product": {
"name": "Oracle Financial Services Applications 2.6.0",
"product_id": "T050139",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.6.0"
}
}
},
{
"category": "product_version",
"name": "14.5.0.14.0",
"product": {
"name": "Oracle Financial Services Applications 14.5.0.14.0",
"product_id": "T050140",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.14.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.6",
"product": {
"name": "Oracle Financial Services Applications \u003c=12.0.6",
"product_id": "T050141"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.6",
"product": {
"name": "Oracle Financial Services Applications \u003c=12.0.6",
"product_id": "T050141-fixed"
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-48795",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48795"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-5115",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-61795",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-61795"
},
{
"cve": "CVE-2025-66418",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66418"
},
{
"cve": "CVE-2025-9230",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2026-21973",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21973"
},
{
"cve": "CVE-2026-21978",
"product_status": {
"known_affected": [
"T047911",
"T050140",
"T034161",
"T034160",
"T050139",
"T050136",
"T028702",
"T050135",
"T050138",
"T050137",
"T050134",
"T050133"
],
"last_affected": [
"T050141",
"T047909"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21978"
}
]
}
WID-SEC-W-2026-0167
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle PeopleSoft ist eine ERP Anwendung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle PeopleSoft ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0167 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0167.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0167 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0167"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle PeopleSoft vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixPS"
}
],
"source_lang": "en-US",
"title": "Oracle PeopleSoft: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T09:05:45.182+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0167",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "Oracle PeopleSoft 9.2",
"product_id": "T019030",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:9.2"
}
}
},
{
"category": "product_version",
"name": "8.6",
"product": {
"name": "Oracle PeopleSoft 8.60",
"product_id": "T025008",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.60"
}
}
},
{
"category": "product_version",
"name": "8.61",
"product": {
"name": "Oracle PeopleSoft 8.61",
"product_id": "T032124",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.61"
}
}
},
{
"category": "product_version",
"name": "8.62",
"product": {
"name": "Oracle PeopleSoft 8.62",
"product_id": "T042827",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.62"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-27210",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27210"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-9086",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9086"
},
{
"cve": "CVE-2025-9230",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2026-21934",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21934"
},
{
"cve": "CVE-2026-21938",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21938"
},
{
"cve": "CVE-2026-21951",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21951"
},
{
"cve": "CVE-2026-21961",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21961"
},
{
"cve": "CVE-2026-21971",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21971"
}
]
}
WID-SEC-W-2026-0168
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-05-21 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.7
Oracle / MySQL
|
<=8.4.7 | ||
|
Oracle MySQL <=9.5.0
Oracle / MySQL
|
<=9.5.0 | ||
|
Oracle MySQL <=9.4.0
Oracle / MySQL
|
<=9.4.0 | ||
|
Oracle MySQL <=7.6.36
Oracle / MySQL
|
<=7.6.36 | ||
|
Oracle MySQL <=8.0.45
Oracle / MySQL
|
<=8.0.45 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0168 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0168.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0168 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0168"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle MySQL vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7994-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-7994-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8006-1 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8006-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4162 vom 2026-03-10",
"url": "https://access.redhat.com/errata/RHSA-2026:4162"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-4162 vom 2026-03-10",
"url": "https://linux.oracle.com/errata/ELSA-2026-4162.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:4828 vom 2026-03-18",
"url": "https://errata.build.resf.org/RLSA-2026:4828"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4828 vom 2026-03-18",
"url": "https://access.redhat.com/errata/RHSA-2026:4828"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-4828 vom 2026-03-18",
"url": "https://linux.oracle.com/errata/ELSA-2026-4828.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5580 vom 2026-03-24",
"url": "https://access.redhat.com/errata/RHSA-2026:5580"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:5580 vom 2026-03-24",
"url": "https://errata.build.resf.org/RLSA-2026:5580"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5640 vom 2026-03-24",
"url": "https://access.redhat.com/errata/RHSA-2026:5640"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:5640 vom 2026-03-24",
"url": "https://errata.build.resf.org/RLSA-2026:5640"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5640 vom 2026-03-26",
"url": "http://linux.oracle.com/errata/ELSA-2026-5640.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5580 vom 2026-03-27",
"url": "http://linux.oracle.com/errata/ELSA-2026-5580.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5580 vom 2026-03-26",
"url": "https://linux.oracle.com/errata/ELSA-2026-5580.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6391 vom 2026-04-02",
"url": "https://errata.build.resf.org/RLSA-2026:6391"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6391 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6391"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6435 vom 2026-04-02",
"url": "https://access.redhat.com/errata/RHSA-2026:6435"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6435 vom 2026-04-02",
"url": "https://errata.build.resf.org/RLSA-2026:6435"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6435 vom 2026-04-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-6435.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6391 vom 2026-04-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-6391.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:4162 vom 2026-05-21",
"url": "https://errata.build.resf.org/RLSA-2026:4162"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-21T22:00:00.000+00:00",
"generator": {
"date": "2026-05-22T07:21:13.740+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0168",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-3544"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-09T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat, Rocky Enterprise Software Foundation und Oracle Linux aufgenommen"
},
{
"date": "2026-05-21T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=9.4.0",
"product": {
"name": "Oracle MySQL \u003c=9.4.0",
"product_id": "T047929"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.4.0",
"product": {
"name": "Oracle MySQL \u003c=9.4.0",
"product_id": "T047929-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.7",
"product": {
"name": "Oracle MySQL \u003c=8.4.7",
"product_id": "T050150"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.7",
"product": {
"name": "Oracle MySQL \u003c=8.4.7",
"product_id": "T050150-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.5.0",
"product": {
"name": "Oracle MySQL \u003c=9.5.0",
"product_id": "T050151"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.5.0",
"product": {
"name": "Oracle MySQL \u003c=9.5.0",
"product_id": "T050151-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.45",
"product": {
"name": "Oracle MySQL \u003c=8.0.45",
"product_id": "T050153"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.45",
"product": {
"name": "Oracle MySQL \u003c=8.0.45",
"product_id": "T050153-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.36",
"product": {
"name": "Oracle MySQL \u003c=7.6.36",
"product_id": "T050154"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.36",
"product": {
"name": "Oracle MySQL \u003c=7.6.36",
"product_id": "T050154-fixed"
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-65018",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-65018"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-9086",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9086"
},
{
"cve": "CVE-2025-9230",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2026-21929",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21929"
},
{
"cve": "CVE-2026-21936",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21936"
},
{
"cve": "CVE-2026-21937",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21937"
},
{
"cve": "CVE-2026-21941",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21941"
},
{
"cve": "CVE-2026-21948",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21948"
},
{
"cve": "CVE-2026-21949",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21949"
},
{
"cve": "CVE-2026-21950",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21950"
},
{
"cve": "CVE-2026-21952",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21952"
},
{
"cve": "CVE-2026-21964",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21964"
},
{
"cve": "CVE-2026-21965",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21965"
},
{
"cve": "CVE-2026-21968",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T004914",
"T032255"
],
"last_affected": [
"T050150",
"T050151",
"T047929",
"T050154",
"T050153"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21968"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.