Vulnerability-Lookup

CVE-2026-9076 (GCVE-0-2026-9076)

Vulnerability from cvelistv5 – Published: 2026-06-09 16:03 – Updated: 2026-06-10 07:47

Title

Out-of-Bounds Read in CMS Password-Based Decryption

Summary

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-125 - Out-of-bounds Read

Assigner

openssl

References

6 references

URL	Tags
https://openssl-library.org/news/secadv/20260609.txt	vendor-advisory
https://github.com/openssl/openssl/commit/3d8d5bc…	patch
https://github.com/openssl/openssl/commit/77bf00a…	patch
https://github.com/openssl/openssl/commit/715349a…	patch
https://github.com/openssl/openssl/commit/05b0663…	patch
https://github.com/openssl/openssl/commit/eecbe33…	patch

Impacted products

1 product

Vendor	Product	Version
OpenSSL	OpenSSL	Affected: 4.0.0 , < 4.0.1 (semver) Affected: 3.6.0 , < 3.6.3 (semver) Affected: 3.5.0 , < 3.5.7 (semver) Affected: 3.4.0 , < 3.4.6 (semver) Affected: 3.0.0 , < 3.0.21 (semver) Affected: 1.1.1 , < 1.1.1zh (custom) Affected: 1.0.2 , < 1.0.2zq (custom)

Date Public

2026-06-09 14:00

Credits

Bhabani Sankar Das Haruki Oyama (Waseda University) Nikola Pajkovsky

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-9076",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T19:04:07.840133Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T19:04:20.258Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "4.0.1",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.7",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.6",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.21",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.1zh",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "1.0.2zq",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Bhabani Sankar Das"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Haruki Oyama (Waseda University)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Nikola Pajkovsky"
        }
      ],
      "datePublic": "2026-06-09T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\u003cbr\u003eprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\u003cbr\u003ecipher can trigger a heap out-of-bounds read in kek_unwrap_key().\u003cbr\u003e\u003cbr\u003eImpact summary: A heap buffer over-read may trigger a crash which leads to\u003cbr\u003eDenial of Service for an application if the input buffer ends at a memory\u003cbr\u003epage boundary and the following page is unmapped. There is no information\u003cbr\u003edisclosure as the over-read bytes are not revealed to the attacker.\u003cbr\u003e\u003cbr\u003eThe key unwrapping function performs a check-byte test as specified in the\u003cbr\u003eRFC that reads 7 bytes from a heap allocation that is based on the wrapped\u003cbr\u003ekey length from the message. There is a minimum length check based on the\u003cbr\u003eblock length of the wrapping cipher. However the cipher is selected from\u003cbr\u003ean OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\u003cbr\u003erequirement that the cipher be a block cipher. When an attacker selects\u003cbr\u003ea stream-mode cipher the guard will be ineffective and the allocated buffer\u003cbr\u003econtaining the unwrapped key can be too small to fit the check-bytes\u003cbr\u003especified in the RFC and a buffer over-read can happen.\u003cbr\u003e\u003cbr\u003eApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\u003cbr\u003e(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\u003cbr\u003edata are vulnerable to this issue. No password knowledge is required: the\u003cbr\u003eover-read happens during the unwrap attempt before any authentication\u003cbr\u003esucceeds.\u003cbr\u003e\u003cbr\u003eThe over-read is limited to a few bytes and is not written to output, so\u003cbr\u003ethere is no information disclosure. Triggering a crash requires the\u003cbr\u003eallocation to border unmapped memory, which is unlikely with the normal\u003cbr\u003eallocator.\u003cbr\u003e\u003cbr\u003eThe FIPS modules are not affected by this issue."
            }
          ],
          "value": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T07:47:51.139Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260609.txt"
        },
        {
          "name": "4.0.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0"
        },
        {
          "name": "3.6.3 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26"
        },
        {
          "name": "3.5.7 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98"
        },
        {
          "name": "3.4.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb"
        },
        {
          "name": "3.0.21 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-Bounds Read in CMS Password-Based Decryption",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2026-9076",
    "datePublished": "2026-06-09T16:03:16.306Z",
    "dateReserved": "2026-05-20T12:43:37.677Z",
    "dateUpdated": "2026-06-10T07:47:51.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-9076",
      "date": "2026-06-11",
      "epss": "0.00096",
      "percentile": "0.26531"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-9076\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-06-09T17:17:50.997\",\"lastModified\":\"2026-06-10T08:16:26.063\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\\n\\nImpact summary: A heap buffer over-read may trigger a crash which leads to\\nDenial of Service for an application if the input buffer ends at a memory\\npage boundary and the following page is unmapped. There is no information\\ndisclosure as the over-read bytes are not revealed to the attacker.\\n\\nThe key unwrapping function performs a check-byte test as specified in the\\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\\nkey length from the message. There is a minimum length check based on the\\nblock length of the wrapping cipher. However the cipher is selected from\\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\\nrequirement that the cipher be a block cipher. When an attacker selects\\na stream-mode cipher the guard will be ineffective and the allocated buffer\\ncontaining the unwrapped key can be too small to fit the check-bytes\\nspecified in the RFC and a buffer over-read can happen.\\n\\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\\ndata are vulnerable to this issue. No password knowledge is required: the\\nover-read happens during the unwrap attempt before any authentication\\nsucceeds.\\n\\nThe over-read is limited to a few bytes and is not written to output, so\\nthere is no information disclosure. Triggering a crash requires the\\nallocation to border unmapped memory, which is unlikely with the normal\\nallocator.\\n\\nThe FIPS modules are not affected by this issue.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://openssl-library.org/news/secadv/20260609.txt\",\"source\":\"openssl-security@openssl.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-9076\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-09T19:04:07.840133Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T19:04:03.021Z\"}}], \"cna\": {\"title\": \"Out-of-Bounds Read in CMS Password-Based Decryption\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Bhabani Sankar Das\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Haruki Oyama (Waseda University)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Nikola Pajkovsky\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.21\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.1.1\", \"lessThan\": \"1.1.1zh\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0.2\", \"lessThan\": \"1.0.2zq\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-06-09T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260609.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0\", \"name\": \"4.0.1 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26\", \"name\": \"3.6.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98\", \"name\": \"3.5.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb\", \"name\": \"3.4.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6\", \"name\": \"3.0.21 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\\n\\nImpact summary: A heap buffer over-read may trigger a crash which leads to\\nDenial of Service for an application if the input buffer ends at a memory\\npage boundary and the following page is unmapped. There is no information\\ndisclosure as the over-read bytes are not revealed to the attacker.\\n\\nThe key unwrapping function performs a check-byte test as specified in the\\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\\nkey length from the message. There is a minimum length check based on the\\nblock length of the wrapping cipher. However the cipher is selected from\\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\\nrequirement that the cipher be a block cipher. When an attacker selects\\na stream-mode cipher the guard will be ineffective and the allocated buffer\\ncontaining the unwrapped key can be too small to fit the check-bytes\\nspecified in the RFC and a buffer over-read can happen.\\n\\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\\ndata are vulnerable to this issue. No password knowledge is required: the\\nover-read happens during the unwrap attempt before any authentication\\nsucceeds.\\n\\nThe over-read is limited to a few bytes and is not written to output, so\\nthere is no information disclosure. Triggering a crash requires the\\nallocation to border unmapped memory, which is unlikely with the normal\\nallocator.\\n\\nThe FIPS modules are not affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\u003cbr\u003eprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\u003cbr\u003ecipher can trigger a heap out-of-bounds read in kek_unwrap_key().\u003cbr\u003e\u003cbr\u003eImpact summary: A heap buffer over-read may trigger a crash which leads to\u003cbr\u003eDenial of Service for an application if the input buffer ends at a memory\u003cbr\u003epage boundary and the following page is unmapped. There is no information\u003cbr\u003edisclosure as the over-read bytes are not revealed to the attacker.\u003cbr\u003e\u003cbr\u003eThe key unwrapping function performs a check-byte test as specified in the\u003cbr\u003eRFC that reads 7 bytes from a heap allocation that is based on the wrapped\u003cbr\u003ekey length from the message. There is a minimum length check based on the\u003cbr\u003eblock length of the wrapping cipher. However the cipher is selected from\u003cbr\u003ean OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\u003cbr\u003erequirement that the cipher be a block cipher. When an attacker selects\u003cbr\u003ea stream-mode cipher the guard will be ineffective and the allocated buffer\u003cbr\u003econtaining the unwrapped key can be too small to fit the check-bytes\u003cbr\u003especified in the RFC and a buffer over-read can happen.\u003cbr\u003e\u003cbr\u003eApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\u003cbr\u003e(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\u003cbr\u003edata are vulnerable to this issue. No password knowledge is required: the\u003cbr\u003eover-read happens during the unwrap attempt before any authentication\u003cbr\u003esucceeds.\u003cbr\u003e\u003cbr\u003eThe over-read is limited to a few bytes and is not written to output, so\u003cbr\u003ethere is no information disclosure. Triggering a crash requires the\u003cbr\u003eallocation to border unmapped memory, which is unlikely with the normal\u003cbr\u003eallocator.\u003cbr\u003e\u003cbr\u003eThe FIPS modules are not affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-06-10T07:47:51.139Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-9076\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-10T07:47:51.139Z\", \"dateReserved\": \"2026-05-20T12:43:37.677Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-06-09T16:03:16.306Z\", \"assignerShortName\": \"openssl\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

alsa-2026:25237

Vulnerability from osv_almalinux

Published

2026-06-11 00:00

Modified

2026-06-11 18:18

Summary

Important: openssl security update

Details

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)
openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)
openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)
openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2026:25237	ADVISORY
	https://access.redhat.com/security/cve/CVE-2026-34180	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34181	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34182	REPORT
	https://access.redhat.com/security/cve/CVE-2026-34183	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42764	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42766	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42767	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42768	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42769	REPORT
	https://access.redhat.com/security/cve/CVE-2026-42770	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45445	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45446	REPORT
	https://access.redhat.com/security/cve/CVE-2026-45447	REPORT
	https://access.redhat.com/security/cve/CVE-2026-7383	REPORT
	https://access.redhat.com/security/cve/CVE-2026-9076	REPORT
	https://bugzilla.redhat.com/2481879	REPORT
	https://bugzilla.redhat.com/2481880	REPORT
	https://bugzilla.redhat.com/2481881	REPORT
	https://bugzilla.redhat.com/2481882	REPORT
	https://bugzilla.redhat.com/2481884	REPORT
	https://bugzilla.redhat.com/2481885	REPORT
	https://bugzilla.redhat.com/2481887	REPORT
	https://bugzilla.redhat.com/2481890	REPORT
	https://bugzilla.redhat.com/2481891	REPORT
	https://bugzilla.redhat.com/2481892	REPORT
	https://bugzilla.redhat.com/2481893	REPORT
	https://bugzilla.redhat.com/2481894	REPORT
	https://bugzilla.redhat.com/2481896	REPORT
	https://bugzilla.redhat.com/2481897	REPORT
	https://bugzilla.redhat.com/2481898	REPORT
	https://errata.almalinux.org/10/ALSA-2026-25237.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "openssl-perl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:3.5.5-4.el10_2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.  \n\nSecurity Fix(es):  \n\n  * openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n  * openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n  * openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n  * openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n  * openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n  * openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n  * openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n  * openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n  * openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n  * openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n  * openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n  * openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n  * openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n  * openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n  * openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2026:25237",
  "modified": "2026-06-11T18:18:09Z",
  "published": "2026-06-11T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:25237"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481879"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481880"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481881"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481882"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481884"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481885"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481887"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481890"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481891"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481892"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481893"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481894"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481896"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481897"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2481898"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2026-25237.html"
    }
  ],
  "related": [
    "CVE-2026-7383",
    "CVE-2026-9076",
    "CVE-2026-34180",
    "CVE-2026-34181",
    "CVE-2026-34182",
    "CVE-2026-34183",
    "CVE-2026-42764",
    "CVE-2026-42766",
    "CVE-2026-42767",
    "CVE-2026-42768",
    "CVE-2026-42769",
    "CVE-2026-42770",
    "CVE-2026-45445",
    "CVE-2026-45446",
    "CVE-2026-45447"
  ],
  "summary": "Important: openssl security update"
}

CERTFR-2026-AVI-0717

Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-10

De multiples vulnérabilités ont été découvertes dans OpenSSL. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
OpenSSL	OpenSSL	OpenSSL versions 1.0.x antérieures à 1.0.2zq
OpenSSL	OpenSSL	OpenSSL versions 4.x antérieures à 4.0.1
OpenSSL	OpenSSL	OpenSSL versions 3.5.x antérieures à 3.5.7
OpenSSL	OpenSSL	OpenSSL versions 1.1.x antérieures à 1.1.1zh
OpenSSL	OpenSSL	OpenSSL versions 3.x antérieures à 3.0.21
OpenSSL	OpenSSL	OpenSSL versions 3.6.x antérieures à 3.6.3
OpenSSL	OpenSSL	OpenSSL versions 3.4.x antérieures à 3.4.6

References

Title

Publication Time

FKIE_CVE-2026-9076

Vulnerability from fkie_nvd - Published: 2026-06-09 17:17 - Updated: 2026-06-10 08:16

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26
	openssl-security@openssl.org	https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6
	openssl-security@openssl.org	https://openssl-library.org/news/secadv/20260609.txt

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue."
    }
  ],
  "id": "CVE-2026-9076",
  "lastModified": "2026-06-10T08:16:26.063",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-06-09T17:17:50.997",
  "references": [
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://openssl-library.org/news/secadv/20260609.txt"
    }
  ],
  "sourceIdentifier": "openssl-security@openssl.org",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "openssl-security@openssl.org",
      "type": "Secondary"
    }
  ]
}

GHSA-Q98X-73C3-57GJ

Vulnerability from github – Published: 2026-06-09 18:31 – Updated: 2026-06-10 09:31

Details

Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker.

The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen.

Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds.

The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator.

The FIPS modules are not affected by this issue.

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-9076"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-09T17:17:50Z",
    "severity": "HIGH"
  },
  "details": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
  "id": "GHSA-q98x-73c3-57gj",
  "modified": "2026-06-10T09:31:57Z",
  "published": "2026-06-09T18:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/05b066366842f930fadd9a6e94df98030af431bb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/715349a1d7c6db970e6815dafb90915f07307f98"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/05b066366842f930fadd9a6e94df98030af431bb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/715349a1d7c6db970e6815dafb90915f07307f98"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/security/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6"
    },
    {
      "type": "WEB",
      "url": "https://openssl-library.org/news/secadv/20260609.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

RHSA-2026:25237

Vulnerability from csaf_redhat - Published: 2026-06-11 13:09 - Updated: 2026-06-11 16:45

Summary

Red Hat Security Advisory: openssl security update

Severity

Important

Notes

Topic: An update for openssl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383) * openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076) * openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180) * openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181) * openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182) * openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183) * openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764) * openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766) * openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767) * openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768) * openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769) * openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770) * openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445) * openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446) * openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-7383

A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-9076

A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34180

A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.

5.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34181

A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34182

A flaw was found in OpenSSL's Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-34183

A flaw was found in OpenSSL's QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42764

A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server's address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42766

A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42767

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42768

A flaw was found in OpenSSL's CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim's private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application's error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-205 - Observable Behavioral Discrepancy

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42769

A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42770

A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key's subgroup membership, an attacker can recover the victim's private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-354 - Improper Validation of Integrity Check Value

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45445

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-1204 - Generation of Weak Initialization Vector (IV)

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-45446

A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45447

A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Fixed 58 products

Product	Version	Remediation
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

78 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:25237	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-7383	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://www.cve.org/CVERecord?id=CVE-2026-7383	external
https://nvd.nist.gov/vuln/detail/CVE-2026-7383	external
https://access.redhat.com/security/cve/CVE-2026-9076	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://www.cve.org/CVERecord?id=CVE-2026-9076	external
https://nvd.nist.gov/vuln/detail/CVE-2026-9076	external
https://access.redhat.com/security/cve/CVE-2026-34180	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://www.cve.org/CVERecord?id=CVE-2026-34180	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34180	external
https://access.redhat.com/security/cve/CVE-2026-34181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://www.cve.org/CVERecord?id=CVE-2026-34181	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34181	external
https://access.redhat.com/security/cve/CVE-2026-34182	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://www.cve.org/CVERecord?id=CVE-2026-34182	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34182	external
https://access.redhat.com/security/cve/CVE-2026-34183	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://www.cve.org/CVERecord?id=CVE-2026-34183	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34183	external
https://access.redhat.com/security/cve/CVE-2026-42764	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://www.cve.org/CVERecord?id=CVE-2026-42764	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42764	external
https://access.redhat.com/security/cve/CVE-2026-42766	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://www.cve.org/CVERecord?id=CVE-2026-42766	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42766	external
https://access.redhat.com/security/cve/CVE-2026-42767	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://www.cve.org/CVERecord?id=CVE-2026-42767	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42767	external
https://access.redhat.com/security/cve/CVE-2026-42768	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://www.cve.org/CVERecord?id=CVE-2026-42768	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42768	external
https://access.redhat.com/security/cve/CVE-2026-42769	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://www.cve.org/CVERecord?id=CVE-2026-42769	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42769	external
https://access.redhat.com/security/cve/CVE-2026-42770	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://www.cve.org/CVERecord?id=CVE-2026-42770	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42770	external
https://access.redhat.com/security/cve/CVE-2026-45445	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://www.cve.org/CVERecord?id=CVE-2026-45445	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45445	external
https://access.redhat.com/security/cve/CVE-2026-45446	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://www.cve.org/CVERecord?id=CVE-2026-45446	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45446	external
https://access.redhat.com/security/cve/CVE-2026-45447	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://www.cve.org/CVERecord?id=CVE-2026-45447	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45447	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for openssl is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n\n* openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n\n* openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n\n* openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n\n* openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n\n* openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n\n* openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n\n* openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n\n* openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n\n* openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n\n* openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n\n* openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n\n* openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n\n* openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:25237",
        "url": "https://access.redhat.com/errata/RHSA-2026:25237"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2481879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
      },
      {
        "category": "external",
        "summary": "2481880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
      },
      {
        "category": "external",
        "summary": "2481881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
      },
      {
        "category": "external",
        "summary": "2481882",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
      },
      {
        "category": "external",
        "summary": "2481884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
      },
      {
        "category": "external",
        "summary": "2481885",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
      },
      {
        "category": "external",
        "summary": "2481887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
      },
      {
        "category": "external",
        "summary": "2481890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
      },
      {
        "category": "external",
        "summary": "2481891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
      },
      {
        "category": "external",
        "summary": "2481892",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
      },
      {
        "category": "external",
        "summary": "2481893",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
      },
      {
        "category": "external",
        "summary": "2481894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
      },
      {
        "category": "external",
        "summary": "2481896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
      },
      {
        "category": "external",
        "summary": "2481897",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
      },
      {
        "category": "external",
        "summary": "2481898",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25237.json"
      }
    ],
    "title": "Red Hat Security Advisory: openssl security update",
    "tracking": {
      "current_release_date": "2026-06-11T16:45:51+00:00",
      "generator": {
        "date": "2026-06-11T16:45:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2026:25237",
      "initial_release_date": "2026-06-11T13:09:01+00:00",
      "revision_history": [
        {
          "date": "2026-06-11T13:09:01+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-11T13:09:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-11T16:45:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                  "product_id": "AppStream-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 10)",
                  "product_id": "BaseOS-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-devel-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-perl-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                  "product_id": "openssl-libs-1:3.5.5-4.el10_2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el10_2?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el10_2.src",
                "product": {
                  "name": "openssl-1:3.5.5-4.el10_2.src",
                  "product_id": "openssl-1:3.5.5-4.el10_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el10_2?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.src",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.src",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.aarch64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.ppc64le",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.s390x",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el10_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
          "product_id": "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el10_2.x86_64",
        "relates_to_product_reference": "BaseOS-10.2.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-7383",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:08:15.013000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481879"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low impact. This flaw in OpenSSL\u0027s ASN1_mbstring_ncopy() function, leading to a heap buffer overflow, is difficult to exploit in typical Red Hat environments. Exploitation requires an application to directly call the vulnerable function with an extremely large, attacker-controlled input (over half a gigabyte), a scenario not present in standard OpenSSL certificate or network protocol handling.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481879",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-7383",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing"
    },
    {
      "cve": "CVE-2026-9076",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-05-27T13:10:14.368000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low impact denial of service due to a heap out-of-bounds read in `kek_unwrap_key()` when processing attacker-supplied CMS data with an attacker-chosen stream-mode KEK cipher. This flaw requires specific memory conditions (input buffer ending at a page boundary with an unmapped following page) to trigger a crash, which is uncommon in typical Red Hat environments. No information disclosure is possible, and FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-9076",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption"
    },
    {
      "cve": "CVE-2026-34180",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:10:51.985000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low impact vulnerability in OpenSSL\u0027s ASN.1 decoder affects 64-bit Unix-like platforms, where processing a crafted DER-encoded ASN.1 structure exceeding 2 gigabytes can lead to a heap buffer over-read. This may result in application crashes (Denial of Service) or unintended memory exposure. Red Hat products are only affected if they process untrusted, excessively large ASN.1 input using OpenSSL\u0027s d2i_* decoding functions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure."
    },
    {
      "cve": "CVE-2026-34181",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481882"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low: This flaw allows an attacker to forge PKCS#12 files with a 1 in 256 probability, leading to the acceptance of attacker-controlled certificates and private keys by services configured to use PBMAC1 authentication. Red Hat products utilizing OpenSSL versions 3.0, 1.1.1, or 1.0.2 are not affected, as these versions do not support PBMAC1 in PKCS#12.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481882",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys"
    },
    {
      "cve": "CVE-2026-34182",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "discovery_date": "2026-05-27T13:59:43+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481884"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Moderate: This flaw in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing could allow an on-path attacker to forge messages or bypass integrity validation. This is due to insufficient input validation on cipher and tag length fields, potentially leading to key-equivalent functionality or integrity bypass in applications utilizing affected OpenSSL versions for CMS AuthEnvelopedData.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481884",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34182",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Systems configured to operate in FIPS mode are not affected by this vulnerability. To mitigate this issue, ensure that OpenSSL is operating in FIPS mode by enabling the system-wide FIPS policy. This may have broader implications for cryptographic operations on the system and should be evaluated for compatibility with existing applications. A system reboot may be required for the changes to take effect.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages"
    },
    {
      "cve": "CVE-2026-34183",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-27T14:04:59+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481885"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A Moderate severity flaw exists in the QUIC PATH_CHALLENGE handler, allowing a remote attacker to exhaust heap memory of a QUIC client or server. By flooding the local QUIC stack with PATH_CHALLENGE frames, a malicious peer can trigger unbounded memory allocation, leading to a denial of service for applications utilizing the vulnerable QUIC implementation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481885",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler"
    },
    {
      "cve": "CVE-2026-42764",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:08:07+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server\u0027s address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL pointer dereference in QUIC server initial packet handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity issue. A NULL pointer dereference can occur in the OpenSSL QUIC server when processing initial packets with invalid tokens, leading to a denial of service. This vulnerability is only exploitable if the client address validation is explicitly disabled using the `SSL_LISTENER_FLAG_NO_VALIDATE` flag, which is not the default configuration for OpenSSL QUIC servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42764",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that the OpenSSL QUIC server has client address validation enabled. This is the default configuration. If the `SSL_LISTENER_FLAG_NO_VALIDATE` flag is being used with the `SSL_new_listener()` call, it should be removed to prevent the vulnerability from being exploitable.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: NULL pointer dereference in QUIC server initial packet handling"
    },
    {
      "cve": "CVE-2026-42766",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible NULL Dereference in Password-Based CMS Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is rated as Low impact. A NULL pointer dereference in OpenSSL\u0027s CMS decryption can be triggered by a specially crafted password-encrypted CMS message, leading to an Red Hat application crash and Denial of Service. This affects applications that perform password-based CMS decryption.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42766",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Possible NULL Dereference in Password-Based CMS Decryption"
    },
    {
      "cve": "CVE-2026-42767",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low severity issue. A null pointer dereference flaw in the OpenSSL Certificate Management Protocol (CMP) client could be triggered by an attacker-controlled CMP server. This could lead to a denial of service in applications that process untrusted CMP/CRMF messages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42767",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that OpenSSL CMP client applications only communicate with trusted Certificate Management Protocol (CMP) servers. If CMP client functionality is not required, consider disabling or restricting its use to reduce exposure.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption"
    },
    {
      "cve": "CVE-2026-42768",
      "cwe": {
        "id": "CWE-205",
        "name": "Observable Behavioral Discrepancy"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481892"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim\u0027s private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application\u0027s error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity vulnerability in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions exposes a Bleichenbacher-style oracle. Exploitation requires an attacker to control input CMS/S/MIME messages and observe decryption errors or output, a scenario deemed unlikely in most Red Hat product deployments. The attack could allow decryption or signing of messages with a victim\u0027s private RSA key.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481892",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42768",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, applications utilizing CMS_decrypt() or PKCS7_decrypt() should ensure a recipient certificate is always provided to identify the specific RecipientInfo for decryption. This practice helps prevent the Bleichenbacher-style oracle attack by ensuring proper key identification.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()"
    },
    {
      "cve": "CVE-2026-42769",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481893"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue has a Low impact as it requires an attacker to already possess valid Registration Authority (RA) level credentials to exploit. A flaw in the Certificate Management Protocol (CMP) root CA key update process could allow an RA to substitute the root CA certificate for CMP clients with an arbitrary certificate, potentially leading to a trust-anchor substitution. FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481893",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42769",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate"
    },
    {
      "cve": "CVE-2026-42770",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481894"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key\u0027s subgroup membership, an attacker can recover the victim\u0027s private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity flaw in OpenSSL affects systems configured to use DHX (X9.42) peer keys for key derivation, allowing a malicious peer to potentially recover a victim\u0027s private key. The attack requires specific conditions, such as long-lived RA/CA DHX keys in CMP deployments or bespoke applications utilizing X9.42 DHX static keys with interactive protocols, limiting its broader impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481894",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42770",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q"
    },
    {
      "cve": "CVE-2026-45445",
      "cwe": {
        "id": "CWE-1204",
        "name": "Generation of Weak Initialization Vector (IV)"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481896"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity flaw where applications utilizing the AES-OCB cipher through OpenSSL\u0027s EVP_Cipher() one-shot interface may silently discard the provided initialization vector (IV). This leads to nonce reuse, compromising confidentiality and enabling universal forgery of authentication tags. Red Hat products are primarily affected if they include or rely on third-party applications that specifically employ this less common and discouraged API usage with AES-OCB, as standard OpenSSL SSL/TLS implementations and applications using the recommended streaming AEAD API are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481896",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45445",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path"
    },
    {
      "cve": "CVE-2026-45446",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481897"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as Low impact. It affects applications that utilize OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes within custom protocols and specifically mishandle empty ciphertexts. Standard OpenSSL protocols, such as TLS, are not affected. Successful exploitation requires an application to use the EVP interface and to skip ciphertext updates when processing zero-length ciphertexts, representing an uncommon and non-default configuration.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481897",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45446",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "The vulnerability arises from specific application implementations using OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes with custom protocols and an atypical handling of empty ciphertexts. As this scenario is not a default or commonly deployed configuration in Red Hat products, and no direct configuration or operational control exists to mitigate this specific flaw without patching, the following applies:\n\nMitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes"
    },
    {
      "cve": "CVE-2026-45447",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481898"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This High severity heap use-after-free flaw in OpenSSL\u0027s PKCS7_verify() function can be triggered by processing a specially crafted PKCS#7 or S/MIME signed message. This could lead to application crashes, memory corruption, or potentially remote code execution, impacting services that handle such messages. The vulnerability specifically affects applications utilizing OpenSSL PKCS#7 APIs, while those using CMS APIs are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
          "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
          "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481898",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45447",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:09:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25237"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "AppStream-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "AppStream-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.src",
            "BaseOS-10.2.Z:openssl-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-debugsource-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-devel-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-libs-debuginfo-1:3.5.5-4.el10_2.x86_64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.aarch64",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.ppc64le",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.s390x",
            "BaseOS-10.2.Z:openssl-perl-1:3.5.5-4.el10_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()"
    }
  ]
}

RHSA-2026:25239

Vulnerability from csaf_redhat - Published: 2026-06-11 13:24 - Updated: 2026-06-11 16:45

Summary

Red Hat Security Advisory: openssl security update

Severity

Important

Notes

Topic: An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2026-7383

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-9076

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34180

5.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34181

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-34182

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-34183

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42764

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-42766

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42767

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42768

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-205 - Observable Behavioral Discrepancy

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42769

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-42770

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-354 - Improper Validation of Integrity Check Value

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45445

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-1204 - Generation of Weak Initialization Vector (IV)

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2026-45446

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2026-45447

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Fixed 68 products

Product	Version	Remediation
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

78 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:25239	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-7383	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481879	external
https://www.cve.org/CVERecord?id=CVE-2026-7383	external
https://nvd.nist.gov/vuln/detail/CVE-2026-7383	external
https://access.redhat.com/security/cve/CVE-2026-9076	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481880	external
https://www.cve.org/CVERecord?id=CVE-2026-9076	external
https://nvd.nist.gov/vuln/detail/CVE-2026-9076	external
https://access.redhat.com/security/cve/CVE-2026-34180	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481881	external
https://www.cve.org/CVERecord?id=CVE-2026-34180	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34180	external
https://access.redhat.com/security/cve/CVE-2026-34181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481882	external
https://www.cve.org/CVERecord?id=CVE-2026-34181	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34181	external
https://access.redhat.com/security/cve/CVE-2026-34182	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481884	external
https://www.cve.org/CVERecord?id=CVE-2026-34182	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34182	external
https://access.redhat.com/security/cve/CVE-2026-34183	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481885	external
https://www.cve.org/CVERecord?id=CVE-2026-34183	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34183	external
https://access.redhat.com/security/cve/CVE-2026-42764	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481887	external
https://www.cve.org/CVERecord?id=CVE-2026-42764	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42764	external
https://access.redhat.com/security/cve/CVE-2026-42766	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481890	external
https://www.cve.org/CVERecord?id=CVE-2026-42766	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42766	external
https://access.redhat.com/security/cve/CVE-2026-42767	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481891	external
https://www.cve.org/CVERecord?id=CVE-2026-42767	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42767	external
https://access.redhat.com/security/cve/CVE-2026-42768	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481892	external
https://www.cve.org/CVERecord?id=CVE-2026-42768	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42768	external
https://access.redhat.com/security/cve/CVE-2026-42769	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481893	external
https://www.cve.org/CVERecord?id=CVE-2026-42769	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42769	external
https://access.redhat.com/security/cve/CVE-2026-42770	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481894	external
https://www.cve.org/CVERecord?id=CVE-2026-42770	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42770	external
https://access.redhat.com/security/cve/CVE-2026-45445	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481896	external
https://www.cve.org/CVERecord?id=CVE-2026-45445	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45445	external
https://access.redhat.com/security/cve/CVE-2026-45446	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481897	external
https://www.cve.org/CVERecord?id=CVE-2026-45446	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45446	external
https://access.redhat.com/security/cve/CVE-2026-45447	self
https://bugzilla.redhat.com/show_bug.cgi?id=2481898	external
https://www.cve.org/CVERecord?id=CVE-2026-45447	external
https://nvd.nist.gov/vuln/detail/CVE-2026-45447	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for openssl is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n\n* openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n\n* openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n\n* openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n\n* openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n\n* openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n\n* openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n\n* openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n\n* openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n\n* openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n\n* openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n\n* openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n\n* openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n\n* openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:25239",
        "url": "https://access.redhat.com/errata/RHSA-2026:25239"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2481879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
      },
      {
        "category": "external",
        "summary": "2481880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
      },
      {
        "category": "external",
        "summary": "2481881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
      },
      {
        "category": "external",
        "summary": "2481882",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
      },
      {
        "category": "external",
        "summary": "2481884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
      },
      {
        "category": "external",
        "summary": "2481885",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
      },
      {
        "category": "external",
        "summary": "2481887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
      },
      {
        "category": "external",
        "summary": "2481890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
      },
      {
        "category": "external",
        "summary": "2481891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
      },
      {
        "category": "external",
        "summary": "2481892",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
      },
      {
        "category": "external",
        "summary": "2481893",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
      },
      {
        "category": "external",
        "summary": "2481894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
      },
      {
        "category": "external",
        "summary": "2481896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
      },
      {
        "category": "external",
        "summary": "2481897",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
      },
      {
        "category": "external",
        "summary": "2481898",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25239.json"
      }
    ],
    "title": "Red Hat Security Advisory: openssl security update",
    "tracking": {
      "current_release_date": "2026-06-11T16:45:52+00:00",
      "generator": {
        "date": "2026-06-11T16:45:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2026:25239",
      "initial_release_date": "2026-06-11T13:24:31+00:00",
      "revision_history": [
        {
          "date": "2026-06-11T13:24:31+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-11T13:24:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-11T16:45:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.8.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.8.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.src",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.src",
                  "product_id": "openssl-1:3.5.5-4.el9_8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.i686",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.i686",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-libs-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debugsource@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-debuginfo@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-devel-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-devel@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                "product": {
                  "name": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                  "product_id": "openssl-perl-1:3.5.5-4.el9_8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openssl-perl@3.5.5-4.el9_8?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.src",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.src",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-devel-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-devel-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.aarch64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.ppc64le",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.s390x",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-perl-1:3.5.5-4.el9_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        },
        "product_reference": "openssl-perl-1:3.5.5-4.el9_8.x86_64",
        "relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-7383",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:08:15.013000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481879"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application to directly call specific functions with a large amount of attacker-controlled input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low impact. This flaw in OpenSSL\u0027s ASN1_mbstring_ncopy() function, leading to a heap buffer overflow, is difficult to exploit in typical Red Hat environments. Exploitation requires an application to directly call the vulnerable function with an extremely large, attacker-controlled input (over half a gigabyte), a scenario not present in standard OpenSSL certificate or network protocol handling.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481879",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481879"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-7383",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7383"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing"
    },
    {
      "cve": "CVE-2026-9076",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-05-27T13:10:14.368000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leading to a Denial of Service (DoS). This vulnerability does not require password knowledge and can be exploited before authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low impact denial of service due to a heap out-of-bounds read in `kek_unwrap_key()` when processing attacker-supplied CMS data with an attacker-chosen stream-mode KEK cipher. This flaw requires specific memory conditions (input buffer ending at a page boundary with an unmapped following page) to trigger a crash, which is uncommon in typical Red Hat environments. No information disclosure is possible, and FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-9076",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9076"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption"
    },
    {
      "cve": "CVE-2026-34180",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-05-27T13:10:51.985000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an application crash, resulting in a Denial of Service (DoS), or potentially disclose sensitive information by loading memory contents beyond the input buffer. This issue primarily affects 64-bit Unix and Unix-like platforms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low impact vulnerability in OpenSSL\u0027s ASN.1 decoder affects 64-bit Unix-like platforms, where processing a crafted DER-encoded ASN.1 structure exceeding 2 gigabytes can lead to a heap buffer over-read. This may result in application crashes (Denial of Service) or unintended memory exposure. Red Hat products are only affected if they process untrusted, excessively large ASN.1 input using OpenSSL\u0027s d2i_* decoding functions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34180"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure."
    },
    {
      "cve": "CVE-2026-34181",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481882"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS#12 (Public-Key Cryptography Standards #12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting attacker-controlled certificates and private keys with a 1 in 256 probability, potentially enabling impersonation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Low: This flaw allows an attacker to forge PKCS#12 files with a 1 in 256 probability, leading to the acceptance of attacker-controlled certificates and private keys by services configured to use PBMAC1 authentication. Red Hat products utilizing OpenSSL versions 3.0, 1.1.1, or 1.0.2 are not affected, as these versions do not support PBMAC1 in PKCS#12.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481882",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481882"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34181"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys"
    },
    {
      "cve": "CVE-2026-34182",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "discovery_date": "2026-05-27T13:59:43+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481884"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity validation. Consequently, an attacker may achieve key-equivalent functionality for a given CMS recipient.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Moderate: This flaw in OpenSSL\u0027s Cryptographic Message Services (CMS) AuthEnvelopedData processing could allow an on-path attacker to forge messages or bypass integrity validation. This is due to insufficient input validation on cipher and tag length fields, potentially leading to key-equivalent functionality or integrity bypass in applications utilizing affected OpenSSL versions for CMS AuthEnvelopedData.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481884",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481884"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34182",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34182"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Systems configured to operate in FIPS mode are not affected by this vulnerability. To mitigate this issue, ensure that OpenSSL is operating in FIPS mode by enabling the system-wide FIPS policy. This may have broader implications for cryptographic operations on the system and should be evaluated for compatibility with existing applications. A system reboot may be required for the changes to take effect.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages"
    },
    {
      "cve": "CVE-2026-34183",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-27T14:04:59+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481885"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s QUIC PATH_CHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATH_CHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates PATH_RESPONSE frames without them being acknowledged. The primary consequence is a Denial of Service (DoS), causing the affected application to terminate abnormally due to memory exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A Moderate severity flaw exists in the QUIC PATH_CHALLENGE handler, allowing a remote attacker to exhaust heap memory of a QUIC client or server. By flooding the local QUIC stack with PATH_CHALLENGE frames, a malicious peer can trigger unbounded memory allocation, leading to a denial of service for applications utilizing the vulnerable QUIC implementation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481885",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481885"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34183"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler"
    },
    {
      "cve": "CVE-2026-42764",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:08:07+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the OpenSSL QUIC (Quick UDP Internet Connections) server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server\u0027s address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server process to terminate abnormally and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL pointer dereference in QUIC server initial packet handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity issue. A NULL pointer dereference can occur in the OpenSSL QUIC server when processing initial packets with invalid tokens, leading to a denial of service. This vulnerability is only exploitable if the client address validation is explicitly disabled using the `SSL_LISTENER_FLAG_NO_VALIDATE` flag, which is not the default configuration for OpenSSL QUIC servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42764",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42764"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that the OpenSSL QUIC server has client address validation enabled. This is the default configuration. If the `SSL_LISTENER_FLAG_NO_VALIDATE` flag is being used with the `SSL_new_listener()` call, it should be removed to prevent the vulnerability from being exploitable.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: NULL pointer dereference in QUIC server initial packet handling"
    },
    {
      "cve": "CVE-2026-42766",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A remote attacker could exploit a NULL pointer dereference vulnerability in the Cryptographic Message Syntax (CMS) decryption process by providing a specially crafted password-encrypted CMS message. This occurs because the keyDerivationAlgorithm field, which is optional, is dereferenced without proper validation. Successful exploitation leads to an application crash, resulting in a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible NULL Dereference in Password-Based CMS Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is rated as Low impact. A NULL pointer dereference in OpenSSL\u0027s CMS decryption can be triggered by a specially crafted password-encrypted CMS message, leading to an Red Hat application crash and Denial of Service. This affects applications that perform password-based CMS decryption.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42766",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42766"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Possible NULL Dereference in Password-Based CMS Decryption"
    },
    {
      "cve": "CVE-2026-42767",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol (CMP) server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format (CRMF) CertRepMessage with a specific malformed EncryptedValue structure, would trigger a NULL pointer dereference in the OpenSSL CMP client. This vulnerability leads to a crash of the application, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Low severity issue. A null pointer dereference flaw in the OpenSSL Certificate Management Protocol (CMP) client could be triggered by an attacker-controlled CMP server. This could lead to a denial of service in applications that process untrusted CMP/CRMF messages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42767",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42767"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, ensure that OpenSSL CMP client applications only communicate with trusted Certificate Management Protocol (CMP) servers. If CMP client functionality is not required, consider disabling or restricting its use to reduce exposure.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption"
    },
    {
      "cve": "CVE-2026-42768",
      "cwe": {
        "id": "CWE-205",
        "name": "Observable Behavioral Discrepancy"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481892"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim\u0027s private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME messages and observe the application\u0027s error codes or decryption output. While the attack is technically possible, the specific conditions required make it unlikely to be exploited in typical deployments.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity vulnerability in OpenSSL\u0027s CMS_decrypt() and PKCS7_decrypt() functions exposes a Bleichenbacher-style oracle. Exploitation requires an attacker to control input CMS/S/MIME messages and observe decryption errors or output, a scenario deemed unlikely in most Red Hat product deployments. The attack could allow decryption or signing of messages with a victim\u0027s private RSA key.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481892",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481892"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42768",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42768"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, applications utilizing CMS_decrypt() or PKCS7_decrypt() should ensure a recipient certificate is always provided to identify the specific RecipientInfo for decryption. This practice helps prevent the Bleichenbacher-style oracle attack by ensuring proper key identification.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()"
    },
    {
      "cve": "CVE-2026-42769",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481893"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue has a Low impact as it requires an attacker to already possess valid Registration Authority (RA) level credentials to exploit. A flaw in the Certificate Management Protocol (CMP) root CA key update process could allow an RA to substitute the root CA certificate for CMP clients with an arbitrary certificate, potentially leading to a trust-anchor substitution. FIPS modules are not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481893",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481893"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42769",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42769"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate"
    },
    {
      "cve": "CVE-2026-42770",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481894"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. A malicious peer can exploit this vulnerability by presenting a specially crafted DHX (X9.42) peer key. Due to improper validation of the peer key\u0027s subgroup membership, an attacker can recover the victim\u0027s private key after a small number of key exchange attempts. This information disclosure can lead to unauthorized access or further compromise of affected systems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Low severity flaw in OpenSSL affects systems configured to use DHX (X9.42) peer keys for key derivation, allowing a malicious peer to potentially recover a victim\u0027s private key. The attack requires specific conditions, such as long-lived RA/CA DHX keys in CMP deployments or bespoke applications utilizing X9.42 DHX static keys with interactive protocols, limiting its broader impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481894",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481894"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42770",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42770"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: FFC-DH Peer Validation Uses Attacker-Supplied q"
    },
    {
      "cve": "CVE-2026-45445",
      "cwe": {
        "id": "CWE-1204",
        "name": "Generation of Weak Initialization Vector (IV)"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481896"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface (EVP_Cipher()) will have their provided Initialization Vector (IV) silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the confidentiality of encrypted data. Additionally, this issue allows for the universal forgery of authentication tags, undermining the integrity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a Moderate severity flaw where applications utilizing the AES-OCB cipher through OpenSSL\u0027s EVP_Cipher() one-shot interface may silently discard the provided initialization vector (IV). This leads to nonce reuse, compromising confidentiality and enabling universal forgery of authentication tags. Red Hat products are primarily affected if they include or rely on third-party applications that specifically employ this less common and discouraged API usage with AES-OCB, as standard OpenSSL SSL/TLS implementations and applications using the recommended streaming AEAD API are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481896",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481896"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45445",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45445"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: AES-OCB IV Ignored on EVP_Cipher() Path"
    },
    {
      "cve": "CVE-2026-45446",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481897"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. The implementations of AES-SIV (Advanced Encryption Standard - SIV) and AES-GCM-SIV (Advanced Encryption Standard - Galois/Counter Mode - SIV) incorrectly process authentication tags for empty messages. This vulnerability allows a remote attacker to forge empty messages with arbitrary Additional Authenticated Data (AAD) in applications that utilize these specific cipher modes within custom protocols and do not properly handle zero-length ciphertexts. This could lead to unauthorized data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as Low impact. It affects applications that utilize OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes within custom protocols and specifically mishandle empty ciphertexts. Standard OpenSSL protocols, such as TLS, are not affected. Successful exploitation requires an application to use the EVP interface and to skip ciphertext updates when processing zero-length ciphertexts, representing an uncommon and non-default configuration.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481897",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481897"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45446",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45446"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "The vulnerability arises from specific application implementations using OpenSSL\u0027s AES-SIV or AES-GCM-SIV modes with custom protocols and an atypical handling of empty ciphertexts. As this scenario is not a default or commonly deployed configuration in Red Hat products, and no direct configuration or operational control exists to mitigate this specific flaw without patching, the following applies:\n\nMitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes"
    },
    {
      "cve": "CVE-2026-45447",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-05-27T14:17:46+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2481898"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This High severity heap use-after-free flaw in OpenSSL\u0027s PKCS7_verify() function can be triggered by processing a specially crafted PKCS#7 or S/MIME signed message. This could lead to application crashes, memory corruption, or potentially remote code execution, impacting services that handle such messages. The vulnerability specifically affects applications utilizing OpenSSL PKCS#7 APIs, while those using CMS APIs are not impacted.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
          "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "RHBZ#2481898",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45447",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45447"
        }
      ],
      "release_date": "2026-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-11T13:24:31+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:25239"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "AppStream-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.src",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-debugsource-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-devel-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.i686",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-libs-debuginfo-1:3.5.5-4.el9_8.x86_64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.aarch64",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.ppc64le",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.s390x",
            "BaseOS-9.8.0.Z.MAIN.EUS:openssl-perl-1:3.5.5-4.el9_8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-9076 (GCVE-0-2026-9076)

alsa-2026:25237

Vulnerability from osv_almalinux

CERTFR-2026-AVI-0717

Solutions

FKIE_CVE-2026-9076

GHSA-Q98X-73C3-57GJ

RHSA-2026:25237

RHSA-2026:25239

Tags

Sightings

Nomenclature