Vulnerability-Lookup

CVE-2026-42769 (GCVE-0-2026-42769)

Vulnerability from cvelistv5 – Published: 2026-06-09 16:03 – Updated: 2026-06-10 07:48

Title

Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

Summary

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-295 - Improper Certificate Validation

Assigner

openssl

References

5 references

URL	Tags
https://openssl-library.org/news/secadv/20260609.txt	vendor-advisory
https://github.com/openssl/openssl/commit/d531f21…	patch
https://github.com/openssl/openssl/commit/d35cd47…	patch
https://github.com/openssl/openssl/commit/54d0989…	patch
https://github.com/openssl/openssl/commit/777b363…	patch

Impacted products

1 product

Vendor	Product	Version
OpenSSL	OpenSSL	Affected: 4.0.0 , < 4.0.1 (semver) Affected: 3.6.0 , < 3.6.3 (semver) Affected: 3.5.0 , < 3.5.7 (semver) Affected: 3.4.0 , < 3.4.6 (semver)

Date Public

2026-06-09 14:00

Credits

Alex Gaynor (Anthropic) Alex Gaynor (Anthropic) Bob Beck

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-42769",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T19:38:00.495097Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T19:38:05.632Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "4.0.1",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.7",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.6",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Alex Gaynor (Anthropic)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Alex Gaynor (Anthropic)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Bob Beck"
        }
      ],
      "datePublic": "2026-06-09T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue Summary: An error in the callback used to verify the certificate\u003cbr\u003eprovided in a Root CA key update Certificate Management Protocol (CMP)\u003cbr\u003emessage response rendered the certificate validation ineffectual, which\u003cbr\u003ecould lead to escalation of credentials from the Registration Authority (RA)\u003cbr\u003elevel to the root Certification Authority (root CA) level.\u003cbr\u003e\u003cbr\u003eImpact Summary: The Registration Autority could replace the root CA\u003cbr\u003ecertificate for the CMP clients with an arbitrary root CA certificate.\u003cbr\u003e\u003cbr\u003eOne of the parts of the Certificate Management Protocol (CMP), specified in\u003cbr\u003eRFC 9810, is Root Certification Authority (root CA) key Rollover,\u003cbr\u003ewhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\u003cbr\u003eAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\u003cbr\u003ecertificate signed with the old root CA key, is provided, and verifying its\u003cbr\u003esignature is crucial for transferring the trust from the old CA key to the\u003cbr\u003enew one.\u003cbr\u003e\u003cbr\u003eThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\u003cbr\u003eOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\u003cbr\u003ecertificate.  A typo in the certificate chain building code led to adding\u003cbr\u003ean incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\u003cbr\u003ecertificate chain, rendering the certificate verification process ineffectual\u003cbr\u003e(only the issuer name and the algorithm OIDs were verified by other parts\u003cbr\u003eof the verification code).\u003cbr\u003e\u003cbr\u003eAn attacker who already has credentials that satisfy the CMP message\u003cbr\u003eprotection checks can generate a new key pair and use a crafted self-signed\u003cbr\u003ecertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\u003cbr\u003eclients would accept as a new trust anchor.\u003cbr\u003e\u003cbr\u003eSignificant preconditions for the attack (having valid RA-level credentials)\u003cbr\u003eare the reason the issue was assigned Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules are not affected by this issue, as the affected code is\u003cbr\u003eoutside the OpenSSL FIPS module boundary."
            }
          ],
          "value": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate.  A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T07:48:06.084Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260609.txt"
        },
        {
          "name": "4.0.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b"
        },
        {
          "name": "3.6.3 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c"
        },
        {
          "name": "3.5.7 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb"
        },
        {
          "name": "3.4.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2026-42769",
    "datePublished": "2026-06-09T16:03:28.999Z",
    "dateReserved": "2026-04-29T09:22:27.969Z",
    "dateUpdated": "2026-06-10T07:48:06.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-42769",
      "date": "2026-06-11",
      "epss": "9e-05",
      "percentile": "0.0107"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-42769\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-06-09T17:17:08.377\",\"lastModified\":\"2026-06-10T08:16:24.027\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue Summary: An error in the callback used to verify the certificate\\nprovided in a Root CA key update Certificate Management Protocol (CMP)\\nmessage response rendered the certificate validation ineffectual, which\\ncould lead to escalation of credentials from the Registration Authority (RA)\\nlevel to the root Certification Authority (root CA) level.\\n\\nImpact Summary: The Registration Autority could replace the root CA\\ncertificate for the CMP clients with an arbitrary root CA certificate.\\n\\nOne of the parts of the Certificate Management Protocol (CMP), specified in\\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\\ncertificate signed with the old root CA key, is provided, and verifying its\\nsignature is crucial for transferring the trust from the old CA key to the\\nnew one.\\n\\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\\ncertificate.  A typo in the certificate chain building code led to adding\\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\\ncertificate chain, rendering the certificate verification process ineffectual\\n(only the issuer name and the algorithm OIDs were verified by other parts\\nof the verification code).\\n\\nAn attacker who already has credentials that satisfy the CMP message\\nprotection checks can generate a new key pair and use a crafted self-signed\\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\\nclients would accept as a new trust anchor.\\n\\nSignificant preconditions for the attack (having valid RA-level credentials)\\nare the reason the issue was assigned Low severity.\\n\\nThe FIPS modules are not affected by this issue, as the affected code is\\noutside the OpenSSL FIPS module boundary.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://openssl-library.org/news/secadv/20260609.txt\",\"source\":\"openssl-security@openssl.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-42769\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-09T19:38:00.495097Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T19:37:50.572Z\"}}], \"cna\": {\"title\": \"Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Alex Gaynor (Anthropic)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Alex Gaynor (Anthropic)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Bob Beck\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.6\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-06-09T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260609.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b\", \"name\": \"4.0.1 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c\", \"name\": \"3.6.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb\", \"name\": \"3.5.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44\", \"name\": \"3.4.6 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue Summary: An error in the callback used to verify the certificate\\nprovided in a Root CA key update Certificate Management Protocol (CMP)\\nmessage response rendered the certificate validation ineffectual, which\\ncould lead to escalation of credentials from the Registration Authority (RA)\\nlevel to the root Certification Authority (root CA) level.\\n\\nImpact Summary: The Registration Autority could replace the root CA\\ncertificate for the CMP clients with an arbitrary root CA certificate.\\n\\nOne of the parts of the Certificate Management Protocol (CMP), specified in\\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\\ncertificate signed with the old root CA key, is provided, and verifying its\\nsignature is crucial for transferring the trust from the old CA key to the\\nnew one.\\n\\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\\ncertificate.  A typo in the certificate chain building code led to adding\\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\\ncertificate chain, rendering the certificate verification process ineffectual\\n(only the issuer name and the algorithm OIDs were verified by other parts\\nof the verification code).\\n\\nAn attacker who already has credentials that satisfy the CMP message\\nprotection checks can generate a new key pair and use a crafted self-signed\\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\\nclients would accept as a new trust anchor.\\n\\nSignificant preconditions for the attack (having valid RA-level credentials)\\nare the reason the issue was assigned Low severity.\\n\\nThe FIPS modules are not affected by this issue, as the affected code is\\noutside the OpenSSL FIPS module boundary.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue Summary: An error in the callback used to verify the certificate\u003cbr\u003eprovided in a Root CA key update Certificate Management Protocol (CMP)\u003cbr\u003emessage response rendered the certificate validation ineffectual, which\u003cbr\u003ecould lead to escalation of credentials from the Registration Authority (RA)\u003cbr\u003elevel to the root Certification Authority (root CA) level.\u003cbr\u003e\u003cbr\u003eImpact Summary: The Registration Autority could replace the root CA\u003cbr\u003ecertificate for the CMP clients with an arbitrary root CA certificate.\u003cbr\u003e\u003cbr\u003eOne of the parts of the Certificate Management Protocol (CMP), specified in\u003cbr\u003eRFC 9810, is Root Certification Authority (root CA) key Rollover,\u003cbr\u003ewhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\u003cbr\u003eAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\u003cbr\u003ecertificate signed with the old root CA key, is provided, and verifying its\u003cbr\u003esignature is crucial for transferring the trust from the old CA key to the\u003cbr\u003enew one.\u003cbr\u003e\u003cbr\u003eThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\u003cbr\u003eOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\u003cbr\u003ecertificate.  A typo in the certificate chain building code led to adding\u003cbr\u003ean incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\u003cbr\u003ecertificate chain, rendering the certificate verification process ineffectual\u003cbr\u003e(only the issuer name and the algorithm OIDs were verified by other parts\u003cbr\u003eof the verification code).\u003cbr\u003e\u003cbr\u003eAn attacker who already has credentials that satisfy the CMP message\u003cbr\u003eprotection checks can generate a new key pair and use a crafted self-signed\u003cbr\u003ecertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\u003cbr\u003eclients would accept as a new trust anchor.\u003cbr\u003e\u003cbr\u003eSignificant preconditions for the attack (having valid RA-level credentials)\u003cbr\u003eare the reason the issue was assigned Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules are not affected by this issue, as the affected code is\u003cbr\u003eoutside the OpenSSL FIPS module boundary.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-295\", \"description\": \"CWE-295 Improper Certificate Validation\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-06-10T07:48:06.084Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-42769\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-10T07:48:06.084Z\", \"dateReserved\": \"2026-04-29T09:22:27.969Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-06-09T16:03:28.999Z\", \"assignerShortName\": \"openssl\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

alsa-2026:25237

Vulnerability from osv_almalinux

Published

2026-06-11 00:00

Modified

2026-06-11 18:18

Summary

Important: openssl security update

Details

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)
openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)
openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)
openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2026:25237	ADVISORY
	https://access.redhat.com/security/cve/CVE-2026-34180	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34181	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34182	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34183	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42764	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42766	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42767	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42768	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42769	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42770	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45445	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45446	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45447	REPORT
	https://access.redhat.com/security/cve/CVE-2026-7383	REPORT
	https://access.redhat.com/security/cve/CVE-2026-9076	REPORT
	https://bugzilla.redhat.com/2481879	REPORT
	https://bugzilla.redhat.com/2481880	REPORT
	https://bugzilla.redhat.com/2481881	REPORT
	https://bugzilla.redhat.com/2481882	REPORT
	https://bugzilla.redhat.com/2481884	REPORT
	https://bugzilla.redhat.com/2481885	REPORT
	https://bugzilla.redhat.com/2481887	REPORT
	https://bugzilla.redhat.com/2481890	REPORT
	https://bugzilla.redhat.com/2481891	REPORT
	https://bugzilla.redhat.com/2481892	REPORT
	https://bugzilla.redhat.com/2481893	REPORT
	https://bugzilla.redhat.com/2481894	REPORT
	https://bugzilla.redhat.com/2481896	REPORT
	https://bugzilla.redhat.com/2481897	REPORT
	https://bugzilla.redhat.com/2481898	REPORT
	https://errata.almalinux.org/10/ALSA-2026-25237.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-perl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.  \n\nSecurity Fix(es):  \n\n  * openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n  * openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n  * openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n  * openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n  * openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n  * openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n  * openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n  * openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n  * openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n  * openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n  * openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n  * openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n  * openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n  * openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n  * openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2026:25237",
  "modified": "2026-06-11T18:18:09Z",
  "published": "2026-06-11T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:25237"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481879"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481880"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481881"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481882"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481884"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481885"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481887"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481890"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481891"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481892"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481893"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481894"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481896"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481897"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481898"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2026-25237.html"
    }
  ],
  "related": [
    "CVE-2026-7383",
    "CVE-2026-9076",
    "CVE-2026-34180",
    "CVE-2026-34181",
    "CVE-2026-34182",
    "CVE-2026-34183",
    "CVE-2026-42764",
    "CVE-2026-42766",
    "CVE-2026-42767",
    "CVE-2026-42768",
    "CVE-2026-42769",
    "CVE-2026-42770",
    "CVE-2026-45445",
    "CVE-2026-45446",
    "CVE-2026-45447"
  ],
  "summary": "Important: openssl security update"
}

CERTFR-2026-AVI-0717

Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-10

De multiples vulnérabilités ont été découvertes dans OpenSSL. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
OpenSSL	OpenSSL	OpenSSL versions 1.0.x antérieures à 1.0.2zq
OpenSSL	OpenSSL	OpenSSL versions 4.x antérieures à 4.0.1
OpenSSL	OpenSSL	OpenSSL versions 3.5.x antérieures à 3.5.7
OpenSSL	OpenSSL	OpenSSL versions 1.1.x antérieures à 1.1.1zh
OpenSSL	OpenSSL	OpenSSL versions 3.x antérieures à 3.0.21
OpenSSL	OpenSSL	OpenSSL versions 3.6.x antérieures à 3.6.3
OpenSSL	OpenSSL	OpenSSL versions 3.4.x antérieures à 3.4.6

References

Title

Publication Time

FKIE_CVE-2026-42769

Vulnerability from fkie_nvd - Published: 2026-06-09 17:17 - Updated: 2026-06-10 08:16

Severity

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b
	openssl-security@openssl.org	https://openssl-library.org/news/secadv/20260609.txt

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate.  A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary."
    }
  ],
  "id": "CVE-2026-42769",
  "lastModified": "2026-06-10T08:16:24.027",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-06-09T17:17:08.377",
  "references": [
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://openssl-library.org/news/secadv/20260609.txt"
    }
  ],
  "sourceIdentifier": "openssl-security@openssl.org",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "openssl-security@openssl.org",
      "type": "Secondary"
    }
  ]
}

GHSA-RPJ2-P5PJ-R33V

Vulnerability from github – Published: 2026-06-09 18:30 – Updated: 2026-06-10 09:31

Details

Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate.

One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one.

The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code).

An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor.

Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity.

The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.

Severity

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-42769"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-09T17:17:08Z",
    "severity": "MODERATE"
  },
  "details": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate.  A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary.",
  "id": "GHSA-rpj2-p5pj-r33v",
  "modified": "2026-06-10T09:31:57Z",
  "published": "2026-06-09T18:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/54d0989997e5fc26057009a9782c3441ce3842fb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/777b363b16fcf2153bb3ded39dc3838713667c44"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/54d0989997e5fc26057009a9782c3441ce3842fb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/777b363b16fcf2153bb3ded39dc3838713667c44"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/d35cd473a271bf3ce7bf3d32af53217fb83ae92c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/d531f21c0fe99067a66fc0ff1161ef127f9cd70b"
    },
    {
      "type": "WEB",
      "url": "https://openssl-library.org/news/secadv/20260609.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

RHSA-2026:25237

Vulnerability from csaf_redhat - Published: 2026-06-11 13:09 - Updated: 2026-06-11 16:45

Summary

Red Hat Security Advisory: openssl security update

Severity

Important

Notes

Topic: An update for openssl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383) * openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076) * openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180) * openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181) * openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182) * openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183) * openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764) * openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766) * openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767) * openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768) * openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769) * openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770) * openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445) * openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446) * openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-7383

A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-9076

A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34180

A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.

5.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34181

A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34182

A flaw was found in OpenSSL's Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-34183

A flaw was found in OpenSSL's QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42764

A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server's address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42766

A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42767

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42768

A flaw was found in OpenSSL's CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim's private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application's error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-205 - Observable Behavioral Discrepancy

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42769

A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42770

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-354 - Improper Validation of Integrity Check Value

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45445

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-1204 - Generation of Weak Initialization Vector (IV)

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-45446

A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45447

A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

78 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:25237	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-7383	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://www.cve.org/CVERecord?id=CVE-2026-7383	external
https://nvd.nist.gov/vuln/detail/CVE-2026-7383	external
https://access.redhat.com/security/cve/CVE-2026-9076	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://www.cve.org/CVERecord?id=CVE-2026-9076	external
https://nvd.nist.gov/vuln/detail/CVE-2026-9076	external
https://access.redhat.com/security/cve/CVE-2026-34180	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://www.cve.org/CVERecord?id=CVE-2026-34180	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34180	external
https://access.redhat.com/security/cve/CVE-2026-34181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://www.cve.org/CVERecord?id=CVE-2026-34181	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34181	external
https://access.redhat.com/security/cve/CVE-2026-34182	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://www.cve.org/CVERecord?id=CVE-2026-34182	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34182	external
https://access.redhat.com/security/cve/CVE-2026-34183	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://www.cve.org/CVERecord?id=CVE-2026-34183	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34183	external
https://access.redhat.com/security/cve/CVE-2026-42764	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://www.cve.org/CVERecord?id=CVE-2026-42764	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42764	external
https://access.redhat.com/security/cve/CVE-2026-42766	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://www.cve.org/CVERecord?id=CVE-2026-42766	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42766	external
https://access.redhat.com/security/cve/CVE-2026-42767	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://www.cve.org/CVERecord?id=CVE-2026-42767	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42767	external
https://access.redhat.com/security/cve/CVE-2026-42768	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://www.cve.org/CVERecord?id=CVE-2026-42768	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42768	external
https://access.redhat.com/security/cve/CVE-2026-42769	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://www.cve.org/CVERecord?id=CVE-2026-42769	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42769	external
https://access.redhat.com/security/cve/CVE-2026-42770	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://www.cve.org/CVERecord?id=CVE-2026-42770	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42770	external
https://access.redhat.com/security/cve/CVE-2026-45445	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://www.cve.org/CVERecord?id=CVE-2026-45445	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45445	external
https://access.redhat.com/security/cve/CVE-2026-45446	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://www.cve.org/CVERecord?id=CVE-2026-45446	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45446	external
https://access.redhat.com/security/cve/CVE-2026-45447	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://www.cve.org/CVERecord?id=CVE-2026-45447	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45447	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for openssl is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n\n* openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n\n* openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n\n* openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n\n* openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n\n* openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n\n* openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n\n* openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n\n* openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n\n* openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n\n* openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n\n* openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n\n* openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n\n* openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:25237",
        "url": "https://access.redhat.com/errata/RHSA-2026:25237"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2481879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
      },
      {
        "category": "external",
        "summary": "2481880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
      },
      {
        "category": "external",
        "summary": "2481881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
      },
      {
        "category": "external",
        "summary": "2481882",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
      },
      {
        "category": "external",
        "summary": "2481884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
      },
      {
        "category": "external",
        "summary": "2481885",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
      },
      {
        "category": "external",
        "summary": "2481887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
      },
      {
        "category": "external",
        "summary": "2481890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
      },
      {
        "category": "external",
        "summary": "2481891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
      },
      {
        "category": "external",
        "summary": "2481892",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
      },
      {
        "category": "external",
        "summary": "2481893",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
      },
      {
        "category": "external",
        "summary": "2481894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
      },
      {
        "category": "external",
        "summary": "2481896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
      },
      {
        "category": "external",
        "summary": "2481897",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
      },
      {
        "category": "external",
        "summary": "2481898",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25237.json"
      }
    ],
    "title": "Red Hat Security Advisory: openssl security update",
    "tracking": {
      "current_release_date": "2026-06-11T16:45:51+00:00",
      "generator": {
        "date": "2026-06-11T16:45:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2026:25237",
      "initial_release_date": "2026-06-11T13:09:01+00:00",
      "revision_history": [
        {
          "date": "2026-06-11T13:09:01+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-11T13:09:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-11T16:45:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                  "product_id": "AppStream-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 10)",
                  "product_id": "BaseOS-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.src",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.src",
                  "product_id": "openssl-1:3.5.5-4.el10_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.src",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.src",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-7383",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:08:15.013000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481879"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low impact. This flaw in OpenSSL\u0027s ASN1_mbstring_ncopy() function, leading to a heap buffer overflow, is difficult to exploit in typical Red Hat environments. Exploitation requires an application to directly call the vulnerable function with an extremely large, attacker-controlled input (over half a gigabyte), a scenario not present in standard OpenSSL certificate or network protocol handling.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481879",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-7383",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing"
    },
    {
      "cve": "CVE-2026-9076",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-05-27T13:10:14.368000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low impact denial of service due to a heap out-of-bounds read in `kek_unwrap_key()` when processing attacker-supplied CMS data with an attacker-chosen stream-mode KEK cipher. This flaw requires specific memory conditions (input buffer ending at a page boundary with an unmapped following page) to trigger a crash, which is uncommon in typical Red Hat environments. No information disclosure is possible, and FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-9076",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption"
    },
    {
      "cve": "CVE-2026-34180",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:10:51.985000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low impact vulnerability in OpenSSL\u0027s ASN.1 decoder affects 64-bit Unix-like platforms, where processing a crafted DER-encoded ASN.1 structure exceeding 2 gigabytes can lead to a heap buffer over-read. This may result in application crashes (Denial of Service) or unintended memory exposure. Red Hat products are only affected if they process untrusted, excessively large ASN.1 input using OpenSSL\u0027s d2i_* decoding functions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure."
    },
    {
      "cve": "CVE-2026-34181",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481882"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low: This flaw allows an attacker to forge PKCS#12 files with a 1 in 256 probability, leading to the acceptance of attacker-controlled certificates and private keys by services configured to use PBMAC1 authentication. Red Hat products utilizing OpenSSL versions 3.0, 1.1.1, or 1.0.2 are not affected, as these versions do not support PBMAC1 in PKCS#12.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481882",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys"
    },
    {
      "cve": "CVE-2026-34182",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "discovery_date": "2026-05-27T13:59:43+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481884"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Moderate: This flaw in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing could allow an on-path attacker to forge messages or bypass integrity validation. This is due to insufficient input validation on cipher and tag length fields, potentially leading to key-equivalent functionality or integrity bypass in applications utilizing affected OpenSSL versions for CMS AuthEnvelopedData.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481884",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34182",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Systems configured to operate in FIPS mode are not affected by this vulnerability. To mitigate this issue, ensure that OpenSSL is operating in FIPS mode by enabling the system-wide FIPS policy. This may have broader implications for cryptographic operations on the system and should be evaluated for compatibility with existing applications. A system reboot may be required for the changes to take effect.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages"
    },
    {
      "cve": "CVE-2026-34183",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-27T14:04:59+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481885"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A Moderate severity flaw exists in the QUIC PATH_CHALLENGE handler, allowing a remote attacker to exhaust heap memory of a QUIC client or server. By flooding the local QUIC stack with PATH_CHALLENGE frames, a malicious peer can trigger unbounded memory allocation, leading to a denial of service for applications utilizing the vulnerable QUIC implementation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481885",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler"
    },
    {
      "cve": "CVE-2026-42764",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:08:07+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server\u0027s address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL pointer dereference in QUIC server initial packet handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity issue. A NULL pointer dereference can occur in the OpenSSL QUIC server when processing initial packets with invalid tokens, leading to a denial of service. This vulnerability is only exploitable if the client address validation is explicitly disabled using the `SSL_LISTENER_FLAG_NO_VALIDATE` flag, which is not the default configuration for OpenSSL QUIC servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42764",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that the OpenSSL QUIC server has client address validation enabled. This is the default configuration. If the `SSL_LISTENER_FLAG_NO_VALIDATE` flag is being used with the `SSL_new_listener()` call, it should be removed to prevent the vulnerability from being exploitable.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: NULL pointer dereference in QUIC server initial packet handling"
    },
    {
      "cve": "CVE-2026-42766",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible NULL Dereference in Password-Based CMS Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is rated as Low impact. A NULL pointer dereference in OpenSSL\u0027s CMS decryption can be triggered by a specially crafted password-encrypted CMS message, leading to an Red Hat application crash and Denial of Service. This affects applications that perform password-based CMS decryption.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42766",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Possible NULL Dereference in Password-Based CMS Decryption"
    },
    {
      "cve": "CVE-2026-42767",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low severity issue. A null pointer dereference flaw in the OpenSSL Certificate Management Protocol (CMP) client could be triggered by an attacker-controlled CMP server. This could lead to a denial of service in applications that process untrusted CMP/CRMF messages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42767",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that OpenSSL CMP client applications only communicate with trusted Certificate Management Protocol (CMP) servers. If CMP client functionality is not required, consider disabling or restricting its use to reduce exposure.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption"
    },
    {
      "cve": "CVE-2026-42768",
      "cwe": {
        "id": "CWE-205",
        "name": "Observable Behavioral Discrepancy"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481892"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim\u0027s private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application\u0027s error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity vulnerability in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions exposes a Bleichenbacher-style oracle. Exploitation requires an attacker to control input CMS/S/MIME messages and observe decryption errors or output, a scenario deemed unlikely in most Red Hat product deployments. The attack could allow decryption or signing of messages with a victim\u0027s private RSA key.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481892",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42768",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, applications utilizing CMS_decrypt() or PKCS7_decrypt() should ensure a recipient certificate is always provided to identify the specific RecipientInfo for decryption. This practice helps prevent the Bleichenbacher-style oracle attack by ensuring proper key identification.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()"
    },
    {
      "cve": "CVE-2026-42769",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481893"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue has a Low impact as it requires an attacker to already possess valid Registration Authority (RA) level credentials to exploit. A flaw in the Certificate Management Protocol (CMP) root CA key update process could allow an RA to substitute the root CA certificate for CMP clients with an arbitrary certificate, potentially leading to a trust-anchor substitution. FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481893",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42769",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate"
    },
    {
      "cve": "CVE-2026-42770",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481894"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key\u0027s subgroup membership, an attacker can recover the victim\u0027s private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity flaw in OpenSSL affects systems configured to use DHX (X9.42) peer keys for key derivation, allowing a malicious peer to potentially recover a victim\u0027s private key. The attack requires specific conditions, such as long-lived RA/CA DHX keys in CMP deployments or bespoke applications utilizing X9.42 DHX static keys with interactive protocols, limiting its broader impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481894",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42770",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q"
    },
    {
      "cve": "CVE-2026-45445",
      "cwe": {
        "id": "CWE-1204",
        "name": "Generation of Weak Initialization Vector (IV)"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481896"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity flaw where applications utilizing the AES-OCB cipher through OpenSSL\u0027s EVP_Cipher() one-shot interface may silently discard the provided initialization vector (IV). This leads to nonce reuse, compromising confidentiality and enabling universal forgery of authentication tags. Red Hat products are primarily affected if they include or rely on third-party applications that specifically employ this less common and discouraged API usage with AES-OCB, as standard OpenSSL SSL/TLS implementations and applications using the recommended streaming AEAD API are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481896",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45445",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path"
    },
    {
      "cve": "CVE-2026-45446",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481897"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as Low impact. It affects applications that utilize OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes within custom protocols and specifically mishandle empty ciphertexts. Standard OpenSSL protocols, such as TLS, are not affected. Successful exploitation requires an application to use the EVP interface and to skip ciphertext updates when processing zero-length ciphertexts, representing an uncommon and non-default configuration.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481897",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45446",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "The vulnerability arises from specific application implementations using OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes with custom protocols and an atypical handling of empty ciphertexts. As this scenario is not a default or commonly deployed configuration in Red Hat products, and no direct configuration or operational control exists to mitigate this specific flaw without patching, the following applies:\n\nMitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes"
    },
    {
      "cve": "CVE-2026-45447",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481898"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This High severity heap use-after-free flaw in OpenSSL\u0027s PKCS7_verify() function can be triggered by processing a specially crafted PKCS#7 or S/MIME signed message. This could lead to application crashes, memory corruption, or potentially remote code execution, impacting services that handle such messages. The vulnerability specifically affects applications utilizing OpenSSL PKCS#7 APIs, while those using CMS APIs are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481898",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45447",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()"
    }
  ]
}

RHSA-2026:25239

Vulnerability from csaf_redhat - Published: 2026-06-11 13:24 - Updated: 2026-06-11 16:45

Summary

Red Hat Security Advisory: openssl security update

Severity

Important

Notes

Topic: An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2026-7383

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-9076

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34180

5.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34181

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34182

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-34183

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42764

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42766

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42767

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42768

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-205 - Observable Behavioral Discrepancy

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42769

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42770

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-354 - Improper Validation of Integrity Check Value

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45445

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-1204 - Generation of Weak Initialization Vector (IV)

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-45446

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45447

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

78 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:25239	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-7383	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://www.cve.org/CVERecord?id=CVE-2026-7383	external
https://nvd.nist.gov/vuln/detail/CVE-2026-7383	external
https://access.redhat.com/security/cve/CVE-2026-9076	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://www.cve.org/CVERecord?id=CVE-2026-9076	external
https://nvd.nist.gov/vuln/detail/CVE-2026-9076	external
https://access.redhat.com/security/cve/CVE-2026-34180	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://www.cve.org/CVERecord?id=CVE-2026-34180	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34180	external
https://access.redhat.com/security/cve/CVE-2026-34181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://www.cve.org/CVERecord?id=CVE-2026-34181	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34181	external
https://access.redhat.com/security/cve/CVE-2026-34182	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://www.cve.org/CVERecord?id=CVE-2026-34182	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34182	external
https://access.redhat.com/security/cve/CVE-2026-34183	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://www.cve.org/CVERecord?id=CVE-2026-34183	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34183	external
https://access.redhat.com/security/cve/CVE-2026-42764	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://www.cve.org/CVERecord?id=CVE-2026-42764	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42764	external
https://access.redhat.com/security/cve/CVE-2026-42766	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://www.cve.org/CVERecord?id=CVE-2026-42766	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42766	external
https://access.redhat.com/security/cve/CVE-2026-42767	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://www.cve.org/CVERecord?id=CVE-2026-42767	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42767	external
https://access.redhat.com/security/cve/CVE-2026-42768	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://www.cve.org/CVERecord?id=CVE-2026-42768	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42768	external
https://access.redhat.com/security/cve/CVE-2026-42769	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://www.cve.org/CVERecord?id=CVE-2026-42769	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42769	external
https://access.redhat.com/security/cve/CVE-2026-42770	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://www.cve.org/CVERecord?id=CVE-2026-42770	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42770	external
https://access.redhat.com/security/cve/CVE-2026-45445	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://www.cve.org/CVERecord?id=CVE-2026-45445	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45445	external
https://access.redhat.com/security/cve/CVE-2026-45446	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://www.cve.org/CVERecord?id=CVE-2026-45446	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45446	external
https://access.redhat.com/security/cve/CVE-2026-45447	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://www.cve.org/CVERecord?id=CVE-2026-45447	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45447	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for openssl is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n\n* openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n\n* openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n\n* openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n\n* openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n\n* openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n\n* openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n\n* openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n\n* openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n\n* openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n\n* openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n\n* openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n\n* openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n\n* openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:25239",
        "url": "https://access.redhat.com/errata/RHSA-2026:25239"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2481879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
      },
      {
        "category": "external",
        "summary": "2481880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
      },
      {
        "category": "external",
        "summary": "2481881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
      },
      {
        "category": "external",
        "summary": "2481882",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
      },
      {
        "category": "external",
        "summary": "2481884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
      },
      {
        "category": "external",
        "summary": "2481885",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
      },
      {
        "category": "external",
        "summary": "2481887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
      },
      {
        "category": "external",
        "summary": "2481890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
      },
      {
        "category": "external",
        "summary": "2481891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
      },
      {
        "category": "external",
        "summary": "2481892",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
      },
      {
        "category": "external",
        "summary": "2481893",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
      },
      {
        "category": "external",
        "summary": "2481894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
      },
      {
        "category": "external",
        "summary": "2481896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
      },
      {
        "category": "external",
        "summary": "2481897",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
      },
      {
        "category": "external",
        "summary": "2481898",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25239.json"
      }
    ],
    "title": "Red Hat Security Advisory: openssl security update",
    "tracking": {
      "current_release_date": "2026-06-11T16:45:52+00:00",
      "generator": {
        "date": "2026-06-11T16:45:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2026:25239",
      "initial_release_date": "2026-06-11T13:24:31+00:00",
      "revision_history": [
        {
          "date": "2026-06-11T13:24:31+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-11T13:24:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-11T16:45:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.8.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.8.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.src",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.src",
                  "product_id": "openssl-1:3.5.5-4.el9_8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.src",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.src",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-7383",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:08:15.013000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481879"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low impact. This flaw in OpenSSL\u0027s ASN1_mbstring_ncopy() function, leading to a heap buffer overflow, is difficult to exploit in typical Red Hat environments. Exploitation requires an application to directly call the vulnerable function with an extremely large, attacker-controlled input (over half a gigabyte), a scenario not present in standard OpenSSL certificate or network protocol handling.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481879",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-7383",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing"
    },
    {
      "cve": "CVE-2026-9076",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-05-27T13:10:14.368000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low impact denial of service due to a heap out-of-bounds read in `kek_unwrap_key()` when processing attacker-supplied CMS data with an attacker-chosen stream-mode KEK cipher. This flaw requires specific memory conditions (input buffer ending at a page boundary with an unmapped following page) to trigger a crash, which is uncommon in typical Red Hat environments. No information disclosure is possible, and FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-9076",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption"
    },
    {
      "cve": "CVE-2026-34180",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:10:51.985000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low impact vulnerability in OpenSSL\u0027s ASN.1 decoder affects 64-bit Unix-like platforms, where processing a crafted DER-encoded ASN.1 structure exceeding 2 gigabytes can lead to a heap buffer over-read. This may result in application crashes (Denial of Service) or unintended memory exposure. Red Hat products are only affected if they process untrusted, excessively large ASN.1 input using OpenSSL\u0027s d2i_* decoding functions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure."
    },
    {
      "cve": "CVE-2026-34181",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481882"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low: This flaw allows an attacker to forge PKCS#12 files with a 1 in 256 probability, leading to the acceptance of attacker-controlled certificates and private keys by services configured to use PBMAC1 authentication. Red Hat products utilizing OpenSSL versions 3.0, 1.1.1, or 1.0.2 are not affected, as these versions do not support PBMAC1 in PKCS#12.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481882",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys"
    },
    {
      "cve": "CVE-2026-34182",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "discovery_date": "2026-05-27T13:59:43+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481884"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Moderate: This flaw in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing could allow an on-path attacker to forge messages or bypass integrity validation. This is due to insufficient input validation on cipher and tag length fields, potentially leading to key-equivalent functionality or integrity bypass in applications utilizing affected OpenSSL versions for CMS AuthEnvelopedData.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481884",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34182",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Systems configured to operate in FIPS mode are not affected by this vulnerability. To mitigate this issue, ensure that OpenSSL is operating in FIPS mode by enabling the system-wide FIPS policy. This may have broader implications for cryptographic operations on the system and should be evaluated for compatibility with existing applications. A system reboot may be required for the changes to take effect.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages"
    },
    {
      "cve": "CVE-2026-34183",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-27T14:04:59+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481885"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A Moderate severity flaw exists in the QUIC PATH_CHALLENGE handler, allowing a remote attacker to exhaust heap memory of a QUIC client or server. By flooding the local QUIC stack with PATH_CHALLENGE frames, a malicious peer can trigger unbounded memory allocation, leading to a denial of service for applications utilizing the vulnerable QUIC implementation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481885",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler"
    },
    {
      "cve": "CVE-2026-42764",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:08:07+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server\u0027s address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL pointer dereference in QUIC server initial packet handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity issue. A NULL pointer dereference can occur in the OpenSSL QUIC server when processing initial packets with invalid tokens, leading to a denial of service. This vulnerability is only exploitable if the client address validation is explicitly disabled using the `SSL_LISTENER_FLAG_NO_VALIDATE` flag, which is not the default configuration for OpenSSL QUIC servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42764",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that the OpenSSL QUIC server has client address validation enabled. This is the default configuration. If the `SSL_LISTENER_FLAG_NO_VALIDATE` flag is being used with the `SSL_new_listener()` call, it should be removed to prevent the vulnerability from being exploitable.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: NULL pointer dereference in QUIC server initial packet handling"
    },
    {
      "cve": "CVE-2026-42766",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible NULL Dereference in Password-Based CMS Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is rated as Low impact. A NULL pointer dereference in OpenSSL\u0027s CMS decryption can be triggered by a specially crafted password-encrypted CMS message, leading to an Red Hat application crash and Denial of Service. This affects applications that perform password-based CMS decryption.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42766",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Possible NULL Dereference in Password-Based CMS Decryption"
    },
    {
      "cve": "CVE-2026-42767",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low severity issue. A null pointer dereference flaw in the OpenSSL Certificate Management Protocol (CMP) client could be triggered by an attacker-controlled CMP server. This could lead to a denial of service in applications that process untrusted CMP/CRMF messages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42767",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that OpenSSL CMP client applications only communicate with trusted Certificate Management Protocol (CMP) servers. If CMP client functionality is not required, consider disabling or restricting its use to reduce exposure.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption"
    },
    {
      "cve": "CVE-2026-42768",
      "cwe": {
        "id": "CWE-205",
        "name": "Observable Behavioral Discrepancy"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481892"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim\u0027s private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application\u0027s error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity vulnerability in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions exposes a Bleichenbacher-style oracle. Exploitation requires an attacker to control input CMS/S/MIME messages and observe decryption errors or output, a scenario deemed unlikely in most Red Hat product deployments. The attack could allow decryption or signing of messages with a victim\u0027s private RSA key.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481892",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42768",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, applications utilizing CMS_decrypt() or PKCS7_decrypt() should ensure a recipient certificate is always provided to identify the specific RecipientInfo for decryption. This practice helps prevent the Bleichenbacher-style oracle attack by ensuring proper key identification.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()"
    },
    {
      "cve": "CVE-2026-42769",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481893"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue has a Low impact as it requires an attacker to already possess valid Registration Authority (RA) level credentials to exploit. A flaw in the Certificate Management Protocol (CMP) root CA key update process could allow an RA to substitute the root CA certificate for CMP clients with an arbitrary certificate, potentially leading to a trust-anchor substitution. FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481893",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42769",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate"
    },
    {
      "cve": "CVE-2026-42770",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481894"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key\u0027s subgroup membership, an attacker can recover the victim\u0027s private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity flaw in OpenSSL affects systems configured to use DHX (X9.42) peer keys for key derivation, allowing a malicious peer to potentially recover a victim\u0027s private key. The attack requires specific conditions, such as long-lived RA/CA DHX keys in CMP deployments or bespoke applications utilizing X9.42 DHX static keys with interactive protocols, limiting its broader impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481894",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42770",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q"
    },
    {
      "cve": "CVE-2026-45445",
      "cwe": {
        "id": "CWE-1204",
        "name": "Generation of Weak Initialization Vector (IV)"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481896"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity flaw where applications utilizing the AES-OCB cipher through OpenSSL\u0027s EVP_Cipher() one-shot interface may silently discard the provided initialization vector (IV). This leads to nonce reuse, compromising confidentiality and enabling universal forgery of authentication tags. Red Hat products are primarily affected if they include or rely on third-party applications that specifically employ this less common and discouraged API usage with AES-OCB, as standard OpenSSL SSL/TLS implementations and applications using the recommended streaming AEAD API are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481896",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45445",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path"
    },
    {
      "cve": "CVE-2026-45446",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481897"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as Low impact. It affects applications that utilize OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes within custom protocols and specifically mishandle empty ciphertexts. Standard OpenSSL protocols, such as TLS, are not affected. Successful exploitation requires an application to use the EVP interface and to skip ciphertext updates when processing zero-length ciphertexts, representing an uncommon and non-default configuration.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481897",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45446",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "The vulnerability arises from specific application implementations using OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes with custom protocols and an atypical handling of empty ciphertexts. As this scenario is not a default or commonly deployed configuration in Red Hat products, and no direct configuration or operational control exists to mitigate this specific flaw without patching, the following applies:\n\nMitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes"
    },
    {
      "cve": "CVE-2026-45447",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481898"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This High severity heap use-after-free flaw in OpenSSL\u0027s PKCS7_verify() function can be triggered by processing a specially crafted PKCS#7 or S/MIME signed message. This could lead to application crashes, memory corruption, or potentially remote code execution, impacting services that handle such messages. The vulnerability specifically affects applications utilizing OpenSSL PKCS#7 APIs, while those using CMS APIs are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481898",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45447",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-42769 (GCVE-0-2026-42769)

alsa-2026:25237

Vulnerability from osv_almalinux

CERTFR-2026-AVI-0717

Solutions

FKIE_CVE-2026-42769

GHSA-RPJ2-P5PJ-R33V

RHSA-2026:25237

RHSA-2026:25239

Tags

Sightings

Nomenclature