CVE-2026-28364 (GCVE-0-2026-28364)
Vulnerability from cvelistv5 – Published: 2026-02-27 03:54 – Updated: 2026-02-27 15:49 – CWE-126 - Buffer Over-read
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T15:48:53.652379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T15:49:06.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:opam/ocaml",
"product": "OCaml",
"vendor": "OCaml",
"versions": [
{
"lessThan": "4.14.3",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.4.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T03:58:04.453Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json"
},
{
"url": "https://osv.dev/vulnerability/OSEC-2026-01"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-28364",
"datePublished": "2026-02-27T03:54:53.458Z",
"dateReserved": "2026-02-27T03:54:53.320Z",
"dateUpdated": "2026-02-27T15:49:06.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-28364\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2026-02-27T04:16:03.410\",\"lastModified\":\"2026-03-06T19:15:08.113\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.\"},{\"lang\":\"es\",\"value\":\"En OCaml anterior a 4.14.3 y 5.x anterior a 5.4.1, un desbordamiento de lectura de b\u00fafer en la deserializaci\u00f3n de Marshal (runtime/intern.c) permite la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de una cadena de ataque multifase. La vulnerabilidad radica en la falta de validaci\u00f3n de l\u00edmites en la funci\u00f3n readblock(), que realiza operaciones memcpy() sin l\u00edmites utilizando longitudes controladas por el atacante a partir de datos Marshal 
manipulados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\",\"baseScore\":7.9,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.5,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.14.3\",\"matchCriteriaId\":\"C54A8C4D-61D8-446B-8DCA-FBF8394EE7B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.4.1\",\"matchCriteriaId\":\"296325F6-F724-4C88-9A80-6D5696A35225\"}]}]}],\"references\":[{\"url\":\"https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://osv.dev/vulnerability/OSEC-2026-01\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-28364\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-27T15:48:53.652379Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-27T15:49:01.471Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.9, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"OCaml\", \"product\": \"OCaml\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.14.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"5.4.1\", \"versionType\": \"semver\"}], \"packageURL\": \"pkg:opam/ocaml\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json\"}, {\"url\": \"https://osv.dev/vulnerability/OSEC-2026-01\"}], \"x_generator\": {\"engine\": \"CVE-Request-form 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. 
The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-126\", \"description\": \"CWE-126 Buffer Over-read\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.3\"}, {\"criteria\": \"cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.1\", \"versionStartIncluding\": \"5.0.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-02-27T03:58:04.453Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-28364\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-27T15:49:06.382Z\", \"dateReserved\": \"2026-02-27T03:54:53.320Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2026-02-27T03:54:53.458Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-28364
Vulnerability from fkie_nvd - Published: 2026-02-27 04:16 - Updated: 2026-03-06 19:15 - 7.8 (High, NVD primary assessment) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json | Vendor Advisory |
| cve@mitre.org | https://osv.dev/vulnerability/OSEC-2026-01 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C54A8C4D-61D8-446B-8DCA-FBF8394EE7B6",
"versionEndExcluding": "4.14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ocaml:ocaml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "296325F6-F724-4C88-9A80-6D5696A35225",
"versionEndExcluding": "5.4.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data."
},
{
"lang": "es",
"value": "En OCaml anterior a 4.14.3 y 5.x anterior a 5.4.1, un desbordamiento de lectura de b\u00fafer en la deserializaci\u00f3n de Marshal (runtime/intern.c) permite la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de una cadena de ataque multifase. La vulnerabilidad radica en la falta de validaci\u00f3n de l\u00edmites en la funci\u00f3n readblock(), que realiza operaciones memcpy() sin l\u00edmites utilizando longitudes controladas por el atacante a partir de datos Marshal manipulados."
}
],
"id": "CVE-2026-28364",
"lastModified": "2026-03-06T19:15:08.113",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-02-27T04:16:03.410",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://osv.dev/vulnerability/OSEC-2026-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "cve@mitre.org",
"type": "Primary"
}
]
}
cve-2026-28364
Vulnerability from osv_ocaml
Summary
A critical buffer over-read vulnerability in OCaml's Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from malicious Marshal data.
Please note that Marshal is not type safe, so you have to be careful when deserializing untrusted input: well-formed data can still cause type confusion, and remote code execution is possible by design, since Marshal can be used for code.
Affected functions: Marshal.from_channel, Marshal.from_bytes, Marshal.from_string, Stdlib.input_value, Pervasives.input_value when reading data from an untrusted source.
Vulnerability Attack Vector
Corrupted or malicious marshaled data that causes undefined behaviour in the runtime system when unmarshaled.
input_value should either fail cleanly or produce a well-formed OCaml object, without corrupting the runtime system.
Consequently, this excludes:
- well-formed marshaled data that produces an OCaml object that is not of the type expected by the OCaml code and causes the OCaml code to crash or misbehave
- misuses of the OCaml runtime system by the program performing input_value, such as setting Debugger.function_placeholder to the wrong function.
The former issue may be addressed at some point by validating the unmarshaled OCaml value against the expected type, using the functions from module Obj and some kind of run-time type description.
The latter issue is a bug in the program that unmarshals the data.
Fix
OCaml runtime
The OCaml runtime has been hardened with additional bounds checks. An exception is raised on bad input.
Third party libraries
Third party libraries that want to harden their custom Marshal deserialization code can follow the example fix for bigarrays from the standard library.
There are new macros in custom.h called Wsize_custom_data and Bsize_custom_data that return the size in words or bytes of the allocated custom destination block. The deserializer needs to ensure it only writes data within those bounds.
This only needs to be done when all of the following hold: the library defines a custom type in a C binding; the deserialize field of its struct custom_operations is not set to NULL or custom_deserialize_default; and the fixed_length field of that struct custom_operations is set to NULL or custom_fixed_length_default.
Since Marshal.from* and input_value remain unsafe to use, the fix for the OCaml runtime has been released on its own; we do not attempt to coordinate updating all deserialization functions in the ecosystem.
Timeline
- Nov 4th 2025: Discovery Date: Discovered first in OxCaml
- Nov 5th 2025: First Disclosure Date (Jane Street Team): Emailed top maintainers, no response.
- Nov 9th 2025: Second Disclosure Date (OCaml Team): Submitted to OCaml/ocaml GitHub Repo as a Security Advisory.
- Nov 11th 2025: Emailed OCaml Security Mail List: Submitted to OCaml over email, responded asking for details.
- Nov 11th 2025: Third Disclosure (OCaml Security Response Team): Submitted to ocaml/security-advisories GitHub Repo as a Security Advisory.
- Dec 16th 2025: Initial patch is developed
- Dec 17th 2025: Fuzz testing found further issues
- Dec 24th 2025: Final patch for OCaml is developed
- Dec 25th 2025: Fuzz testing couldn't find any further issues
- Jan 2nd 2026: Patch got reviewed by OCaml maintainers
- Jan 4th 2026: Benchmarking of the patch with good results
- Jan 6th 2026: Reporter got contacted to confirm
- Jan 25th 2026: Further related issues discovered by fuzzing
- Feb 17th 2026: Fixed OCaml releases are published, security advisory is published
{
"affected": [
{
"ecosystem_specific": {
"opam_constraint": "ocaml {\u003c \"4.14.3\" | \u003e= \"5\" \u0026 \u003c \"5.4.1\"}"
},
"package": {
"ecosystem": "opam",
"name": "ocaml",
"purl": "pkg:opam/ocaml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.14.3"
}
],
"type": "ECOSYSTEM"
},
{
"events": [
{
"introduced": "5"
},
{
"fixed": "5.4.1"
}
],
"type": "ECOSYSTEM"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "b0a2614684a52acded784ec213f14ddfe085d146"
}
],
"repo": "https://github.com/ocaml/ocaml",
"type": "GIT"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "e3919fef436f89271bc30bbe8592851f7289fb68"
}
],
"repo": "https://github.com/ocaml/ocaml",
"type": "GIT"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "508d35d970a70a39ea2c9d9241ae4587a9b3a96a"
}
],
"repo": "https://github.com/ocaml/ocaml",
"type": "GIT"
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3aa27e4d2522950b2fe2acf868591209e93d1377"
}
],
"repo": "https://github.com/ocaml/ocaml",
"type": "GIT"
}
],
"versions": [
"3.07",
"3.07+1",
"3.07+2",
"3.08.0",
"3.08.1",
"3.08.2",
"3.08.3",
"3.08.4",
"3.09.0",
"3.09.1",
"3.09.2",
"3.09.3",
"3.10.0",
"3.10.1",
"3.10.2",
"3.11.0",
"3.11.1",
"3.11.2",
"3.12.0",
"3.12.1",
"4.00.0",
"4.00.1",
"4.01.0",
"4.02.0",
"4.02.1",
"4.02.2",
"4.02.3",
"4.02.4",
"4.03.0",
"4.03.1",
"4.04.0",
"4.04.1",
"4.04.2",
"4.04.3",
"4.05.0",
"4.05.1",
"4.06.0",
"4.06.1",
"4.06.2",
"4.07.0",
"4.07.1",
"4.07.2",
"4.08.0",
"4.08.1",
"4.08.2",
"4.09.0",
"4.09.1",
"4.09.2",
"4.10.0",
"4.10.1",
"4.10.2",
"4.10.3",
"4.11.0",
"4.11.1",
"4.11.2",
"4.11.3",
"4.12.0",
"4.12.1",
"4.12.2",
"4.13.0",
"4.13.1",
"4.13.2",
"4.14.0",
"4.14.1",
"4.14.2",
"5.0.0",
"5.0.1",
"5.1.0",
"5.1.1",
"5.1.2",
"5.2.0",
"5.2.1",
"5.2.2",
"5.3.0",
"5.3.1",
"5.4.0"
]
}
],
"aliases": [
"CVE-2026-28364",
"GHSA-j26j-m5xr-g23c",
"GHSA-m34r-cgq7-jhfm"
],
"credits": [
{
"name": "Justin Timperio",
"type": "REPORTER"
},
{
"name": "Nicol\u00e1s Ojeda B\u00e4r",
"type": "REMEDIATION_DEVELOPER"
},
{
"name": "Xavier Leroy",
"type": "REMEDIATION_DEVELOPER"
},
{
"name": "Gabriel Scherer",
"type": "REMEDIATION_DEVELOPER"
},
{
"name": "Xavier Leroy",
"type": "REMEDIATION_REVIEWER"
},
{
"name": "Olivier Nicole",
"type": "REMEDIATION_REVIEWER"
},
{
"name": "Damien Doligez",
"type": "REMEDIATION_REVIEWER"
},
{
"name": "Gabriel Scherer",
"type": "REMEDIATION_REVIEWER"
},
{
"name": "Mindy Preston",
"type": "REMEDIATION_VERIFIER"
},
{
"name": "Edwin T\u00f6r\u00f6k",
"type": "REMEDIATION_VERIFIER"
},
{
"name": "Hannes Mehnert",
"type": "COORDINATOR"
}
],
"database_specific": {
"cwe": [
"CWE-126",
"CWE-502",
"CWE-754"
],
"human_link": "https://github.com/ocaml/security-advisories/tree/main/advisories/2026/OSEC-2026-01.md",
"osv": "https://github.com/ocaml/security-advisories/tree/generated-osv/2026/OSEC-2026-01.json"
},
"details": "## Summary\n\nA critical buffer over-read vulnerability in OCaml\u0027s Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from malicious Marshal data.\n\nPlease note that Marshal is not type safe, and you have to be careful if you use the deserialization on untrusted input (due to type confusion, and remote code execution by design - you can use Marshal for code).\n\nAffected functions: `Marshal.from_channel`, `Marshal.from_bytes`, `Marshal.from_string`, `Stdlib.input_value`, `Pervasives.input_value` when reading data from an untrusted source.\n\n## Vulnerability Attack Vector\n\nCorrupted or malicious marshaled data that causes undefined behaviour in the runtime system when unmarshaled.\n`input_value` should either fail cleanly or produce a well-formed OCaml object, without corrupting the runtime system.\n\nConsequently, this excludes:\n\n* well-formed marshaled data that produces an OCaml object that is not of the type expected by the OCaml code and causes the Ocaml code to crash or misbehave\n\n* misuses of the OCaml runtime system by the program performing input_value, such as setting `Debugger.function_placeholder` to the wrong function.\n\nThe former issue may be addressed at some point by validating the unmarshaled OCaml value against the expected type, using the functions from module `Obj` and some kind of run-time type description.\n\nThe latter issue is a bug in the program that unmarshals the data.\n\n## Fix\n\n### OCaml runtime\n\nThe OCaml runtime has been hardened with additional bounds checks. 
An exception is raised on bad input.\n\n### Third party libraries\n\nThird party libraries that want to harden their custom Marshal deserialization code can follow the example fix for bigarrays from the standard library.\nThere are new macros in `custom.h` called `Wsize_custom_data` and `Bsize_custom_data` that return the size in words or bytes of the allocated custom destination block. The deserializer needs to ensure it only writes data within those bounds.\n\nThis only needs to be done if the library defines a custom type in a C binding, and `struct custom_operations`\u0027s `deserialize` field is not set to `NULL` or `custom_deserialize_default`, and `struct custom_operations`\u0027s `fixed_length` field is set to `NULL` or `custom_fixed_length_default`\n\nSince `Marshal.from*` and `input_value` remain unsafe to use, the fix for the OCaml runtime is released, and we wouldn\u0027t attempt to coordinate updating all deserialization functions in the ecosystem.\n\n## Timeline\n\n- Nov 4th 2025: Discovery Date: Discovered first in OxCaml\n- Nov 5th 2025: First Disclosure Date (Jane Street Team): Emailed top maintainers, no response.\n- Nov 9th 2025: Second Disclosure Date (OCaml Team): Submitted to OCaml/ocaml GitHub Repo as a Security Advisory.\n- Nov 11th 2025: Emailed OCaml Security Mail List: Submitted to OCaml over email, responded asking for details.\n- Nov 11th 2025: Third Disclosure (OCaml Security Response Team): Submitted to ocaml/security-advisories GitHub Repo as a Security Advisory.\n- Dec 16th 2025: Initial patch is developed\n- Dec 17th 2025: Fuzz testing found further issues\n- Dec 24th 2025: Final patch for OCaml is developed\n- Dec 25th 2025: Fuzz testing couldn\u0027t find any further issues\n- Jan 2nd 2026: Patch got reviewed by OCaml maintainers\n- Jan 4th 2026: Benchmarking of the patch with good results\n- Jan 6th 2026: Reporter got contacted to confirm\n- Jan 25th 2026: Further related issues discovered by fuzzing\n- Feb 17th 2026: fixed 
OCaml releases are published, security advisory is published",
"id": "OSEC-2026-01",
"modified": "2026-02-27T09:30:00Z",
"published": "2026-02-17T13:30:00Z",
"references": [
{
"type": "REPORT",
"url": "https://github.com/ocaml/security-advisories/security/advisories/GHSA-j26j-m5xr-g23c"
}
],
"schema_version": "1.7.4",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Buffer Over-Read in OCaml Marshal Deserialization"
}
MSRC_CVE-2026-28364
Vulnerability from csaf_microsoft - Published: 2026-02-02 00:00 - Updated: 2026-03-11 14:35
Notes
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-28364.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.",
"tracking": {
"current_release_date": "2026-03-11T14:35:49.000Z",
"generator": {
"date": "2026-03-12T07:26:37.051Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-28364",
"initial_release_date": "2026-02-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-02-28T01:04:48.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-03-08T01:01:32.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-03-09T14:36:45.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-03-11T14:35:49.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 ocaml 5.1.1-1",
"product": {
"name": "\u003cazl3 ocaml 5.1.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 ocaml 5.1.1-1",
"product": {
"name": "azl3 ocaml 5.1.1-1",
"product_id": "20930"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 ocaml 4.13.1-2",
"product": {
"name": "\u003ccbl2 ocaml 4.13.1-2",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 ocaml 4.13.1-2",
"product": {
"name": "cbl2 ocaml 4.13.1-2",
"product_id": "21039"
}
}
],
"category": "product_name",
"name": "ocaml"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ocaml 5.1.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ocaml 5.1.1-1 as a component of Azure Linux 3.0",
"product_id": "20930-17084"
},
"product_reference": "20930",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 ocaml 4.13.1-2 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 ocaml 4.13.1-2 as a component of CBL Mariner 2.0",
"product_id": "21039-17086"
},
"product_reference": "21039",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-28364",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20930-17084",
"21039-17086"
],
"known_affected": [
"17084-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-28364.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-28T01:04:48.000Z",
"details": "5.1.1-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2026-02-28T01:04:48.000Z",
"details": "4.13.1-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.9,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"17084-2",
"17086-1"
]
}
],
"title": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data."
}
]
}
SUSE-SU-2026:0830-1
Vulnerability from csaf_suse - Published: 2026-03-05 15:17 - Updated: 2026-03-05 15:17
Notes
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ocaml",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ocaml fixes the following issues:\n\n- CVE-2026-28364: missing bounds validation in readblock() can lead to arbitrary code execution (bsc#1258992).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-830,SUSE-SLE-Module-Development-Tools-15-SP7-2026-830,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-830,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-830,openSUSE-SLE-15.6-2026-830",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0830-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0830-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260830-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0830-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024629.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258992",
"url": "https://bugzilla.suse.com/1258992"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28364 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28364/"
}
],
"title": "Security update for ocaml",
"tracking": {
"current_release_date": "2026-03-05T15:17:30Z",
"generator": {
"date": "2026-03-05T15:17:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0830-1",
"initial_release_date": "2026-03-05T15:17:30Z",
"revision_history": [
{
"date": "2026-03-05T15:17:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ocaml-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-4.14.2-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocaml-source-4.14.2-150600.3.3.1.aarch64",
"product": {
"name": "ocaml-source-4.14.2-150600.3.3.1.aarch64",
"product_id": "ocaml-source-4.14.2-150600.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ocaml-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-4.14.2-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-compiler-libs-4.14.2-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-ocamldoc-4.14.2-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "ocaml-runtime-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-runtime-4.14.2-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "ocaml-source-4.14.2-150600.3.3.1.i586",
"product": {
"name": "ocaml-source-4.14.2-150600.3.3.1.i586",
"product_id": "ocaml-source-4.14.2-150600.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-4.14.2-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"product": {
"name": "ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"product_id": "ocaml-source-4.14.2-150600.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ocaml-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-4.14.2-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-runtime-4.14.2-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocaml-source-4.14.2-150600.3.3.1.s390x",
"product": {
"name": "ocaml-source-4.14.2-150600.3.3.1.s390x",
"product_id": "ocaml-source-4.14.2-150600.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ocaml-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-4.14.2-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocaml-source-4.14.2-150600.3.3.1.x86_64",
"product": {
"name": "ocaml-source-4.14.2-150600.3.3.1.x86_64",
"product_id": "ocaml-source-4.14.2-150600.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-source-4.14.2-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.aarch64"
},
"product_reference": "ocaml-source-4.14.2-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-source-4.14.2-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.ppc64le"
},
"product_reference": "ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-source-4.14.2-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.s390x"
},
"product_reference": "ocaml-source-4.14.2-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocaml-source-4.14.2-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.x86_64"
},
"product_reference": "ocaml-source-4.14.2-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-28364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28364"
}
],
"notes": [
{
"category": "general",
"text": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28364",
"url": "https://www.suse.com/security/cve/CVE-2026-28364"
},
{
"category": "external",
"summary": "SUSE Bug 1258992 for CVE-2026-28364",
"url": "https://bugzilla.suse.com/1258992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-compiler-libs-devel-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-ocamldoc-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-runtime-4.14.2-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.s390x",
"openSUSE Leap 15.6:ocaml-source-4.14.2-150600.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-05T15:17:30Z",
"details": "important"
}
],
"title": "CVE-2026-28364"
}
]
}
GHSA-G54X-7HPM-29Q8
Vulnerability from github – Published: 2026-02-27 06:31 – Updated: 2026-02-27 06:31
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
{
"affected": [],
"aliases": [
"CVE-2026-28364"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-27T04:16:03Z",
"severity": "HIGH"
},
"details": "In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.",
"id": "GHSA-g54x-7hpm-29q8",
"modified": "2026-02-27T06:31:28Z",
"published": "2026-02-27T06:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28364"
},
{
"type": "WEB",
"url": "https://github.com/ocaml/security-advisories/blob/generated-osv/2026/OSEC-2026-01.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/OSEC-2026-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
CERTFR-2026-AVI-0284
Vulnerability from certfr_avis - Published: 2026-03-12 - Updated: 2026-03-12
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 kernel 6.6.126.1-1 versions ant\u00e9rieures \u00e0 6.6.126.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 ocaml 5.1.1-1 versions ant\u00e9rieures \u00e0 5.1.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 zlib 1.3.1-1 versions ant\u00e9rieures \u00e0 1.3.2-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 ocaml 4.13.1-2 versions ant\u00e9rieures \u00e0 4.13.1-3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-28364",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28364"
},
{
"name": "CVE-2024-14027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-14027"
},
{
"name": "CVE-2026-3381",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3381"
}
],
"initial_release_date": "2026-03-12T00:00:00",
"last_revision_date": "2026-03-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0284",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-02-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28364",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28364"
},
{
"published_at": "2026-03-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-3381",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3381"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-14027",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-14027"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.